epic-forms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests and validates untrusted user-generated content via request.formData() in multiple action handlers (e.g., action functions using parseWithZod) and processes file uploads (NoteEditorSchema/images and the images loop), so the agent will read arbitrary third-party form data and uploaded files as part of its workflow.