bknd-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill defines HTTP webhook endpoints and handlers (e.g., /webhooks/external, /webhooks/secure, the GitHub/Stripe webhook tasks, and the plugin route "/:source") that accept and parse arbitrary external webhook payloads from public services or users, so the agent ingests untrusted third-party content.