espocrm-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's documentation shows the agent ingesting untrusted third-party content — e.g., the "Webhook (No Auth)" StripeWebhook in references/api-actions.md (reads and json_decodes webhook payloads) and the ExternalApiService in references/common-tasks.md (curl fetchCustomerData/syncCustomer calling arbitrary external APIs) — which the agent is expected to read and process as part of its workflows.