nodered

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation shows Node-RED flows that fetch and ingest external, untrusted content (HTTP Request to arbitrary URLs) and accept/handle incoming public inputs (HTTP In/webhook endpoints, WebSocket In, MQTT In), which the agent is expected to read and process in function nodes, exposing it to indirect prompt injection risk.