aws-serverless-eda

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes explicit webhook-processing and messaging behavior (API Gateway webhook endpoint + Lambda handler that queues event.body, and SNS/SQS MCP servers that send/receive messages and DLQ processors), which ingests arbitrary external/user-provided webhooks and queue messages (untrusted third-party content) as part of its runtime workflow.