vtex-io-http-routes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill defines HTTP routes and webhook/callback endpoints that directly read and act on untrusted external HTTP request content (e.g., ctx.request.body, route params, and headers in examples like createReview and rawGetOrder under node/routes), so third‑party requests could materially influence downstream actions.