hostaway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to read and act on Hostaway data — including "Message Thread / Message" — and to proxy arbitrary API requests to Hostaway via the "Proxy requests" section, which exposes user-generated third-party content (guest messages, listings, etc.) that the agent would ingest and could influence subsequent actions.