realtime

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's realtime examples clearly ingest and display untrusted, user-generated content at runtime — e.g., chat messages in api/controllers/chat/send.js, collaborative document content in api/controllers/documents/update.js, and live search queries in rules/patterns.md (search/subscribe.js) — which could expose an agent that reads or interprets those messages to indirect prompt injection.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 01:06 PM