websockets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly ingests untrusted, user-generated messages from arbitrary WebSocket clients (e.g., socket.on("message", (data) => { io.emit("message", data); }) and the processAction(data) handling), so the agent would read and act on third-party content that could carry indirect prompt injections.