hooks-configuration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly documents an "http" hook type (see "HTTP Hook Configuration" with an example URL like "https://hooks.example.com/pre-tool-use") that sends hook data to arbitrary HTTPS endpoints and reads their JSON responses to make permission/allow/deny and input-modification decisions, allowing untrusted third-party content to directly influence agent behavior.