flowstudio-power-automate-build
Warn
Audited by Snyk on May 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly documents a "No-Schema Variant (Accept Arbitrary JSON)" in references/trigger-types.md and instructs using it for external webhooks (e.g., Stripe, GitHub). The agent is expected to parse triggerBody()/incoming JSON and use that data to drive flow construction, deployment, and runtime actions, so untrusted, user-generated third-party payloads can materially influence tool use and decisions.
Issues (1)
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).