resend-inbound

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests untrusted, user-generated email content from incoming Resend webhooks—calling resend.emails.receiving.get for email bodies and fetching attachment.download_url as shown in SKILL.md—which the agent then reads and uses to route/forward messages.