n8n-expression-syntax

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill documentation shows ingesting arbitrary webhook user data (Webhook Node Output Structure: $json.body) and using those untrusted fields directly in expressions and outputs (e.g., Slack/email examples referencing {{$json.body.message}}), so the agent would read and interpret third‑party user-provided content at runtime.