spectacles-connected-lenses

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md clearly ingests untrusted, user-generated runtime data from other clients via RealtimeStore (see "RealtimeStore — Shared State" and its onValueChanged handler) and from public Lens Cloud entries (see "Persistent Shared Data" with lensCloud.get and 'public_all'), and then uses those values to update UI/game state (displayNote, updateGameUI), so third-party content can directly influence agent behavior.