zoom-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md and references (e.g., the Express webhook handler in SKILL.md and references/subscriptions.md) explicitly receive and parse Zoom webhook events (external third‑party payloads sent to your /webhook endpoint) and use those payloads to drive actions like processRecording, so untrusted third‑party content can materially influence the agent's behavior.