klaviyo-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches campaign message bodies and templates from users' Klaviyo accounts (see "Inspect Campaign Messages" in SKILL.md using KLAVIYO_GET_CAMPAIGN_MESSAGE and the note that including 'template' provides the HTML/text content), which is untrusted user-generated third-party content the agent is expected to read and could materially influence subsequent actions.