suprsend-workflow-schema

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Fetch node (references/node-fetch.md) explicitly allows GET requests to arbitrary endpoints (including dynamic URLs derived from trigger data) and states the JSON response is merged into the workflow's global input for use by subsequent nodes (branch, transform, invoke_workflow, delivery), meaning untrusted third‑party content can directly influence runtime decisions and actions.