n8n-code-javascript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill clearly ingests untrusted public content: e.g., COMMON_PATTERNS.md Pattern 1 parses Hacker News/Reddit/RSS feeds and BUILTIN_FUNCTIONS.md documents using $helpers.httpRequest to fetch arbitrary URLs (and DATA_ACCESS.md covers webhook .body), so the agent would read and interpret user-generated third‑party content.