Bun WebSocket Server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly ingests and acts on arbitrary, untrusted user-generated content via WebSocket handlers (e.g., websocket.message, ws.publish/ws.subscribe, ws.data populated from URL search params like user/room) and via the HTTP broadcast endpoint (/broadcast?msg=...) which the agent will read and interpret at runtime.