email-service-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes a POST /api/webhooks/sendgrid webhook handler (in SKILL.md and the eval tasks) that ingests SendGrid delivery events (bounces, spamreports, unsubscribes) — untrusted third-party/user-generated data — and uses them to update a suppression list that directly gates later send decisions, so external content can materially influence agent behavior.