tanstack-start-api-routes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows server handlers that parse and act on untrusted HTTP request content (see "Request Body Handling" examples using request.json()/formData()/text() and the "Webhooks Example" at src/routes/api/webhooks/stripe.ts which ingests external Stripe webhook payloads), so third-party/user-generated inputs can directly influence control flow and actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill documentation includes an explicit integration with a payment gateway: a Stripe webhook example that constructs Stripe events using a Stripe secret key and handles checkout.session.completed events. This is a specific payment API (Stripe) rather than a generic tool, and it enables server-side handling of payment-related events. Under the specified rules, that qualifies as Direct Financial Execution capability.