whatsapp-web-js

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and references/detailed-guide.md explicitly show the agent processing untrusted user-generated WhatsApp content (message events, msg.body, msg.downloadMedia, getBroadcasts, chat.syncHistory) and fetching arbitrary URLs (MessageMedia.fromUrl), so third‑party content from WhatsApp users or public sites can be read and used to drive agent actions.