building-nango-functions-locally

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires inspecting provider API docs or sample responses (see "Required Inputs: API reference URL or sample response" and Workflow steps / "For syncs, inspect provider docs or payloads" and "When API Docs Do Not Render" which mentions web fetching), meaning the agent will fetch/read public third‑party documentation or payloads that directly determine checkpointing, request params, and sync/action logic and so could allow indirect prompt injection.