bknd-protect-endpoint

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill accepts and processes arbitrary untrusted user-generated HTTP request content (e.g., reading request bodies via c.req.json() / input.json() in server.post handlers and the /api/webhook/external endpoint), so it ingests third‑party input that the agent will read and interpret as part of its workflow.