vertical-playbooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's playbooks and node patterns (e.g., references/ecommerce.md "Order Webhook" and httpRequest examples, and multiple references to "AI Document Processing", "PO extraction from emails", "Document Analyzer" in SKILL.md and referenced files) show it ingests user-generated third‑party content (emails, uploads, webhook/API payloads) and expects the agent to parse/act on that content, which could enable indirect prompt injection.