implementing-proofpoint-email-security-gateway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's agent explicitly ingests external, user-generated email content from the Proofpoint TAP API (see scripts/agent.py and references/api-reference.md — e.g., /v2/siem/messages/delivered and /v2/siem/clicks/permitted), parses subjects/URLs/threat payloads, and uses those results to generate findings and drive risk/response decisions (including quarantine/TRAP actions), creating a clear path for untrusted third-party content to influence agent behavior.