haah

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill routinely calls the external haah.ing API (e.g., GET /heartbeat, GET /dispatch/pending, GET /connect/:token) and ingests user-generated answers from dispatch.requests and inbox.requests which the agent reads, interprets, and uses to draft/send replies or decide follow-up actions, exposing it to untrusted third-party content that could carry indirect prompt injection.