shareplay-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's code and workflow explicitly ingest and act on user-generated content from other SharePlay participants via GroupSessionMessenger.messages(...) and GroupSessionJournal.attachments (e.g., Canvas.configureGroupSession, SessionController.observeRemoteGameModelUpdates in references/REFERENCE.md), which the agent reads and uses to update state and drive actions.