flowstudio-power-automate-build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs building flows that accept arbitrary external HTTP/webhook payloads (see references/trigger-types.md "No-Schema Variant" mentioning Stripe/GitHub) and shows patterns that parse and act on triggerBody()/Parse JSON (references/action-patterns-data.md), so untrusted public webhook/content is ingested and can drive subsequent actions.