qe-n8n-integration-testing-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly includes required workflow code that fetches and parses responses from public third‑party APIs (e.g., Slack, Google Sheets, SendGrid/Mailchimp/Airtable endpoints in the Connectivity/Integration/GoogleSheets and API Key/Rate Limit sections), and those JSON/spreadsheet values and headers are inspected to drive decisions like token refresh, reauthorization, and retry/backoff, which exposes the agent to untrusted third‑party content.