n8n-syntax-credentials

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly describes runtime HTTP requests to user-supplied external endpoints (e.g., ICredentialTestRequest: "n8n calls this endpoint when users click 'Test'..." and examples using httpRequestWithAuthentication/httpRequest with credentials.baseUrl), so untrusted third‑party API responses are fetched and can influence credential validation and subsequent node behavior.