convex-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes an httpAction webhook example that directly reads arbitrary request.json payloads and passes them to internal processing (references/architectural-patterns.md "httpAction: Webhook" receiveWebhook), which clearly ingests untrusted third-party/user-provided content as part of its workflow.