velt-notifications-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests user-generated notification content via the Velt SDK hooks and REST APIs (see "Data Access" / useNotificationsData and "Use REST APIs" in SKILL.md / AGENTS.full.md) and also processes webhook payloads and notificationSourceData URLs to drive actions (e.g., router.push, forwarding to Slack, creating Linear issues), so untrusted third-party/user content can influence agent behavior.