golang-backend-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill includes runtime code that ingests untrusted, third‑party/user‑generated content — for example WebSocket readPump/hub.broadcast (serveWs) handling arbitrary client messages, the file upload handler (handleFileUpload) parsing multipart form data, the EventConsumer consuming AMQP messages, and HTTP client/server examples (httpDo and various handlers) that read arbitrary request bodies or fetch external URLs — so an agent using these patterns would read/interpret external content that could carry indirect prompt injections.