shareplay-activities

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests and acts on user-generated content from other participants — e.g., handling messages via GroupSessionMessenger.messages(of:) (StrokeMessage, QuizQuestion/Answer, etc.) and loading attachments via GroupSessionJournal.attachments — which are untrusted third-party inputs that can materially change app behavior.