nodejs-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes examples that ingest and process external/untrusted content at runtime—e.g., HTTP client calls (fetch/https.get/axios to external APIs like https://api.example.com), HTTP servers that parse request bodies via req.on('data') and JSON.parse, and WebSocket handlers that parse client messages (ws.on('message'))—which clearly consume public or user-generated third-party content.