woocommerce

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests untrusted, user-generated content from external WooCommerce stores via the REST API (lib/woo.ts: woo.get('products'/'orders')) and webhook handler (api/woo/webhook.ts reading req.json() including fields like delivery_notes/billing) and uses that data to drive actions (notifications, emails, order updates), so third-party content could indirectly influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for building and managing e-commerce stores with WooCommerce, including managing products, orders, customizing checkout, and "integrate payment gateways." It uses the WooCommerce REST API (specific commerce API) and shows order-management operations (get orders, update order status) and webhook handlers for order events—capabilities directly tied to payment/order processing. Because it is specifically designed for commerce and payment gateway integration (financial operations), it grants direct financial execution capability.