flowstudio-power-automate-build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to accept and process arbitrary external webhook/HTTP payloads (see references/trigger-types.md "No-Schema Variant (Accept Arbitrary JSON)") and includes HTTP/child-flow and connector patterns (e.g., manual trigger bodies, external Http actions, Get_Email_Template, GetFileContent) that the agent is expected to read and use to drive flow logic, which exposes it to untrusted, user-generated third‑party content that can materially influence actions.