n8n-expression-syntax

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's documentation explicitly shows reading untrusted incoming webhook payloads (see "CRITICAL: Webhook Data Structure" where user data is under {{$json.body}}) and HTTP Request responses (see "Example 2: HTTP Request to Email"), which the agent is expected to read/interpret in expressions and can influence subsequent actions—creating a clear vector for indirect prompt injection.