n8n-core-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required documentation and examples (SKILL.md and references/examples.md, e.g. AP-003 and the Example/constructExecutionMetaData snippets) explicitly instruct nodes to call external URLs via this.helpers.httpRequest (e.g., https://api.example.com/users or user-supplied URLs like {{ $json.endpoint }}), which means the agent will fetch and interpret untrusted third-party web/API content as part of its workflow and that content can influence subsequent actions.