slack-bot-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill processes untrusted, user-generated Slack content as part of runtime (e.g., app.message handlers, app.command("/ticket") handlers reading the command body and modal inputs, and building messages from incident['description']), so it ingests third-party workspace messages that could carry indirect prompt-injection payloads.