resend-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill receives Resend webhooks at POST /webhooks/resend and explicitly (in comments and references like references/overview.md and the handlers in examples/*) may call the Resend Receiving API to fetch full inbound email bodies and attachments — i.e., user-generated, untrusted third‑party content that the agent parses and handles.