fastapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests untrusted, user-generated content—specifically via the /upload endpoint which reads uploaded file content and magic bytes, and the WebSocket endpoint (/ws) which accepts and broadcasts arbitrary client messages—so the agent would read/interpret third-party input at runtime.