salvo-file-handling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and stores arbitrary user-uploaded content (e.g., handlers upload, upload_files, upload_with_openapi, chunked_upload) and then lists/serves those files back to clients via list_files and NamedFile downloads/views, so it clearly ingests and exposes untrusted, user-generated content that could carry indirect prompt injections.