creating-webhook-handlers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs creating webhook endpoints that ingest and parse untrusted third-party payloads from public providers (e.g., Stripe, GitHub, Twilio) — see SKILL.md and references/examples.md (routes/webhooks.js, Stripe/GitHub examples) — and then dispatch those payloads to handlers that trigger actions (e.g., fulfillOrder, triggerDeployment), so external content can directly influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly targets payment gateways (mentions Stripe and uses stripe.webhooks.constructEvent()) and describes handling payment events like payment_intent.succeeded and charge.refunded to fulfill orders and process refunds. Those are provider-specific payment operations (financial execution-related), not just generic webhook handling. Therefore it qualifies as Direct Financial Execution capability.