contentful-custom-app-enhancement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The skill’s workflow explicitly instructs the agent to accept “bug reports, support tickets or issue links” and to “build the request context” from that source material, which at runtime can include outsider-authored free-form text (e.g., issue/support comments) that the agent would ingest into the LLM context.