nocobase-workflow-manage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and references explicitly include HTTP request nodes that call arbitrary external URLs (references/nodes/request.md) and instruct the agent to fetch and inspect job results (GET /api/jobs:get) and execution/job outputs (SKILL.md "Diagnosing a Failed Execution"), meaning the agent will read untrusted third‑party responses as part of its decision-making and remediation steps.