dotnet-io-pipelines

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md includes code that reads and parses data from arbitrary network sources (e.g., tcpClient.GetStream() stream adapters and Kestrel ConnectionHandler using connection.Transport.Input), meaning the agent would ingest and act on untrusted third-party network/client content as part of its workflow.