salvo-concurrency-limiter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill exposes endpoints that accept and process arbitrary user file uploads (see the HTML forms posting to /unlimit and /limited and the upload handler using req.file(...) and the "analyze" / "analyze_large_file" examples), which clearly ingests untrusted, user-generated content as part of its runtime workflow.