pubnub-functions
Warn
Audited by Snyk on Feb 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs PubNub Functions to call arbitrary external HTTP endpoints, so the agent will fetch and interpret untrusted third-party responses as part of its workflow. Examples include the xhr.fetch calls shown in references/functions-modules.md and functions-patterns.md, and scenario tasks that fetch external APIs or moderation services like https://api.moderation.example.com, exchange-rate APIs, and user-provided webhook URLs such as https://notify.example.com.