webhook-receiver-hardener

Status: Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill ingests and processes untrusted third-party webhook payloads (e.g., req.body in router.post("/webhooks/provider") and the Stripe webhook handler using stripe.webhooks.constructEvent), so the agent would read and act on arbitrary external content.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly includes a Stripe webhook handling example (stripe.webhooks.constructEvent and processStripeEvent) and is specifically focused on securing/processing third-party payment webhooks. Because Stripe is a payment gateway (a listed specific financial integration), this qualifies as a direct financial execution capability under the rule.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 09:11 PM