async-python-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — the SKILL.md includes runtime flows that ingest untrusted third-party content (e.g., "Real-World Applications: Web Scraping with aiohttp" where scrape_urls/session.get fetches arbitrary URLs and the "WebSocket Server" section reads/iterates client messages that are then broadcast), so externally-provided content is consumed at runtime and can drive actions.