ben-agent-email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required inbound flow uses Resend to receive arbitrary external emails (Resend catch-all → webhook POST /api/ai-email) which the AI email pipeline parses and responds to, meaning untrusted, user-generated content from the public internet is ingested and can influence agent actions.