hookdeck-event-gateway-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's webhook handlers (e.g., POST /webhooks in examples/express/src/index.js, examples/fastapi/main.py, and examples/nextjs/app/webhooks/route.ts) ingest and parse raw webhook bodies forwarded via Hookdeck (from external providers/users) and use payload fields (like payload.type) to drive processing, so untrusted third-party webhook content can materially influence behavior.