websocket

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill accepts and processes arbitrary WebSocket messages from external clients (e.g., websocket.receive_json() / handle_message() / process_message() in websocket_endpoint), which are untrusted user-generated inputs that the agent would read and interpret at runtime.