emitting-api-events

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill performs runtime HTTP interactions with arbitrary subscriber webhook URLs (see references/examples.md: webhook registration using fetch(HEAD) and deliverWebhook that POSTs to webhook.url and acts on response codes), so untrusted third-party endpoints can influence retry/deactivation behavior and thus materially affect agent actions.