n8n-code-javascript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly shows fetching and ingesting public, user-generated content (e.g., $helpers.httpRequest examples in BUILTIN_FUNCTIONS.md and multi-source aggregation parsing Hacker News/Reddit/RSS in COMMON_PATTERNS.md) and then reading that content to drive processing, filtering, ranking, and follow-up actions, so untrusted third-party content could materially influence behavior.