hookdeck

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs the agent to retrieve and inspect Hookdeck data (e.g., list-events, get-event, list-requests and the membrane proxy request flow), which pulls webhook/event payloads and other user-generated third-party content that the agent will read and that could contain instructions influencing subsequent actions.