intercom-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly ingests untrusted, user-generated content via incoming Intercom webhook POSTs (notification payloads) — see SKILL.md and the example handlers (examples/* and src/main) which parse notification.topic and notification.data.item and drive routing/handling logic — so third-party payloads can influence subsequent actions.