ha-integration-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly generates integrations that fetch and ingest data from arbitrary cloud APIs (see references/api-integration.md with async_get_data using https://{host}/api) and accepts/handles untrusted webhook JSON payloads (assets/templates/webhook-integration/README.md), and includes conversation-agent patterns that parse third‑party/user-provided text and trigger actions (references/advanced-patterns.md), so external, untrusted content is read and can influence agent behavior.