agent-email-inbox

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill ingests untrusted, user-generated email content delivered via Resend webhooks (see Webhook Setup and the use of resend.emails.receiving.get in the webhook handler) and passes that content into agent.processEmail/agent.analyzeAndPropose flows where it can influence agent actions, creating a clear vector for indirect prompt injection.