hookdeck-event-gateway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes ingesting webhooks from third-party providers (e.g., "Provider (Stripe, GitHub, Shopify...)" and the example handler app.post('/webhooks/stripe' ...) that parses req.body and acts on event data, so the agent will read and act on externally-sourced, potentially user-generated webhook payloads that can materially influence behavior.