evernote-webhooks-events

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly retrieves user-generated Evernote content via the Evernote sync API (see references/implementation-guide.md Step 3: Sync Service) and processes those notes in the event processor and handlers (services/event-processor.js and handlers/event-handlers.js), so untrusted third-party note content is ingested and can influence downstream actions.