spacetimedb-client-typescript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md instructs the agent to connect to remote SpacetimeDB instances (e.g., withUri/wss://maincloud.spacetimedb.com) and to subscribe to queries (conn.subscriptionBuilder().subscribe(...) / subscribeToAllTables() and useTable hooks), which clearly ingests untrusted third‑party database rows/user-generated content into callbacks that can drive reducer invocations and next actions.