integration-patterns-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill clearly defines and examples integration actions/syncs that call external provider APIs (e.g., HubSpot crm/v3/objects/contacts and Slack endpoints like users.info and response.data.channels shown in examples), which means the agent will ingest and parse third‑party / user‑generated API responses as part of its workflow and could therefore be exposed to indirect prompt injection.