slack-workflows

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's workflows explicitly ingest and post external/user-generated content (e.g., HubSpot n8n triggers, GitHub PR fields like {pr_description_summary}, receipt_url, {stripe_link}, runbook/dashboard URLs) into Slack as part of runtime automation, meaning untrusted third-party content could alter messages and drive approvals, routing, or other actions.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 08:22 AM