chat-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime handlers (e.g., bot.onNewMention, bot.onSubscribedMessage) explicitly ingest and act on user-generated message.text from third-party chat adapters like Slack, Discord, GitHub, and Google Chat, so untrusted external content can directly influence agent prompts and subsequent actions (see the event handler and Streaming examples in SKILL.md).