iii-low-code-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly describes ingesting external webhooks ("HTTP triggers receive external webhooks (form submissions, payment events)") and an "auto::fetch-rss" fetch/transform chain in the reference implementation, so the agent would read and act on untrusted public content (RSS/webhook payloads) as part of its workflow.