workbench-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow authoring and examples (references/workflow-authoring.md and webhook-driven examples like examples/workflows/codex-review-loop.yaml and examples/workflows/webhook-claude-gated.yaml) explicitly accept webhook/manual trigger payloads and render {{ trigger.payload }} into stage prompts, meaning untrusted external/user-generated webhook content is ingested and can directly influence prompts and subsequent execution/actions.