bun

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes code that fetches external URLs (e.g., fetch('https://api.example.com/data') and fetch('https://example.com/img.png')) and also ingests untrusted, user-provided content via HTTP endpoints (await req.json() on /api/data) and WebSocket message handlers (message(ws, message)), so the agent would read and act on third-party content.