scheduled-jobs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md "External API Sync" example/template shows scheduled jobs calling an external endpoint via sn_ws.RESTMessageV2 (https://api.example.com/sync) and assigning response.getBody() to record fields, which clearly ingests untrusted third-party API content that can influence subsequent job logic and record updates.