gateway-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-generated third-party content (events/messages) — it drains Redis queues and forwards those events into the agent via drain()/sendUserMessage (Tier 1–3) and explicitly supports Telegram input via Tier 4's grammY bot, so untrusted web/social inputs (webhooks/Telegram) can be interpreted and drive agent actions.