chatwoot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches user-generated conversation and message content from the Chatwoot Cloud API (https://app.chatwoot.com) — e.g., the "List Conversations" and "Get Conversation Details" endpoints shown in SKILL.md — which the agent is expected to read and could contain untrusted instructions that materially influence replies, assignments, or other actions.