automation-workflow-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests untrusted third-party content — e.g., "매일 아침 특정 사이트의 데이터를 크롤링" (web crawling), the webhook handler reading req.json() from external webhooks, and integrations with Notion/SNS APIs — all of which involve reading user-generated or public web content that the agent would parse and act on.