posthog-webhooks-events

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly defines an Express webhook endpoint (/webhooks/posthog) and related handlers in SKILL.md and references/implementation-guide.md that ingest PostHog webhook payloads and event properties (from app.posthog.com) and then route actions (CRM sync, Slack notifications, API queries), so untrusted user-generated event data can directly influence decisions and tool use.