novu-design-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's templates explicitly instruct workflows to perform HTTP requests to external URLs (e.g., Template 8's HTTP Request using "{{payload.webhookUrl}}" and Template 9's GET to an external API) and then read/branch on the HTTP response (via responseBodySchema and steps..), which means arbitrary untrusted third-party content can be fetched and can influence subsequent step execution.