n8n-hebrew-workflows

Warn

Audited by Snyk on Apr 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and acting on untrusted third-party content (e.g., Hebcal shabbat endpoint https://www.hebcal.com/shabbat in Step 4, data.gov.il CKAN API in Step 2, scraping bank sites via israeli-bank-scrapers in Step 2, and payment gateway webhooks/Morning API calls in Steps 2 and 5) and requires the agent to parse those responses to gate workflows, create invoices, reconcile payments, and drive AI categorization, so external content can materially influence agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly integrates with Israeli payment processors and banking tools. It provides concrete instructions and example code for:
      • Payment gateways: Cardcom, Tranzila, Grow by Meshulam (webhook handling, required fields, and an explicit “approveTransaction” call for Grow).
      • Bank access: use of the Node.js library israeli-bank-scrapers with credential examples and scrape calls (directly accesses bank accounts/transactions).
      • Payment flows: Bit payments via Tranzila/Grow and webhook processing for finalizing payments.

    These are specific, finance-focused APIs and functions that can initiate, finalize, or reconcile monetary transactions or access bank account data, not generic tooling. Therefore it meets the “Direct Financial Execution” criteria.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 26, 2026, 06:25 AM
Issues: 2