flame-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes runtime network ingestion of untrusted external data—e.g., NetworkClient.connect(serverUrl) which listens to arbitrary WebSocket messages and FirebaseMultiplayer / CloudSaveManager that read Firestore/Realtime Database data and cloud saves—whose JSON messages/saves are parsed and acted on by the game logic, enabling indirect prompt-like injection into agent behavior.