hooks-development
Warn
Audited by Snyk on Apr 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly documents HTTP hooks and external API calls (see references/lifecycle-reference.md "HTTP Hook — Sends event JSON as HTTP POST" and the "Hook Types" / "External API Calls — GitHub, Slack, webhooks" sections), which allow the agent to POST to arbitrary external URLs and ingest their JSON responses (including decision/permission fields) that are interpreted to control hook decisions and agent behavior, thus exposing it to untrusted third‑party content.
Issues (1)
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).