enonic-webhook-integrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and acts on untrusted external HTTP payloads and calls arbitrary external URLs (see SKILL.md Step 5 "Implement inbound webhook endpoint", assets/http-service.template.ts parsing req.body, and references/examples.md/http-client outbound requests), so third‑party webhook content can be read/interpreted and materially influence processing and subsequent actions.