automate-whatsapp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly allows agent nodes and webhook/pipedream nodes to call arbitrary external HTTP endpoints (see flow_agent_webhooks and webhook node examples in references/node-types.md and references/app-integrations.md), so the agent fetches untrusted third-party responses at runtime and those responses can directly influence routing, variables, and tool actions.