oncall-irm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary external alert payloads and calendar URLs (see "Webhook (custom/generic)" and "iCal Import" examples) and then evaluates those untrusted payload fields via Jinja2 routing templates (e.g., payload.labels, payload.message) to choose escalation chains, so third‑party content can directly influence runtime decisions and actions.