hookdeck-event-gateway-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill exposes the agent to arbitrary third-party webhook payloads forwarded via Hookdeck to the /webhooks endpoint (Hookdeck forwards and preserves original provider bodies/headers from sources like Stripe, GitHub, Shopify), and the code explicitly parses and acts on those payloads—i.e., it ingests untrusted, user/provider-generated content as part of its workflow.