build-zoom-team-chat-app

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's webhook-driven chatbot handlers (e.g., routes/webhook.js and concepts/webhooks.md) explicitly ingest untrusted user input (payload.cmd) and the docs/examples (examples/llm-integration.md, references/samples.md, unsplash-chatbot sample) show fetching and interpreting third‑party API/LLM responses (Claude/Anthropic, Unsplash) which are then used to decide actions and send messages, so untrusted external content can materially influence behavior.