shopify-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill accepts and parses external Shopify webhook payloads sent to the POST /webhooks/shopify endpoint (webhook bodies originate from third‑party Shopify stores and contain user-generated content), so the agent consumes untrusted, external content as part of its workflow.