crm-integrations

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests third-party CRM data via API endpoints and webhook receivers (see "Webhook receivers" and the "configure_webhook" example in SKILL.md for HubSpot/Salesforce/Pipedrive), so external, potentially user-generated content is read and acted on (syncs/creates/updates), which could enable indirect prompt injection.