Webhook Automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly defines webhook endpoints that receive and process events from external third-party services (e.g., "Stripe Webhooks", "GitHub Webhooks", "Slack Webhooks" and the "incoming" webhook types), and those untrusted payloads are parsed and used by handlers (e.g., triggerCI, runTests, fulfillOrder) to drive actions, so external/user-generated content can directly influence behavior.