security-anticheat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill clearly ingests untrusted, user-generated client data via multiple RemoteEvent handlers (e.g., AttackRemote.OnServerEvent, DamageRemote.OnServerEvent, PurchaseRemote, chat sanitization) and records/logs those fields through logSuspiciousActivity/LoggingService, so the agent would read and act on arbitrary third-party content coming from game clients.