digisign

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill interacts with the DigiSign service and explicitly downloads and reads user-provided content (e.g., POST /api/files uploads and GET /api/envelopes/{id}/download or GET /api/files/{id} downloads, plus webhook payloads and embed URLs such as /api/envelopes/{id}/download and /api/envelopes/{id}/recipients/{id}/embed), so it ingests untrusted, third-party user-generated documents and data as part of its workflow.