inngest-flow-control

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the runtime ingest of external event payloads (e.g., "webhook/data.received", "crm/contact.updated", and numerous uses of event.data.* in examples) and explicitly uses those untrusted fields to compute concurrency keys, throttling/rate limits, singleton behavior and priority, so third‑party/user-generated content can directly influence control flow and tool decisions.