custom-triggers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes ingesting external events from webhooks, file watchers, IoT devices, and other external event sources ("External event source (webhook, file watcher, IoT, CDC, etc.)" and the registerTriggerType/iii.trigger flow), which are untrusted third-party inputs the agent reads and that can drive function invocation and behavior, enabling indirect prompt injection.