blink-realtime

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the agent subscribing to realtime channels (e.g., blink.realtime.subscribe and channel.onMessage / channel.subscribe) and ingesting user-generated messages and presence from chat channels, which are untrusted third-party content the agent reads and could use to drive behavior, enabling indirect prompt injection.