inngest-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly fetches user-generated messages via front.conversations.listMessages(conversationId) and includes that content in buildPrompt(context) passed to supportAgent.run, and agentResult.action can trigger executeAction, so untrusted third-party user content can directly influence agent decisions and actions.