novu-inbox-integration

Warn

Audited by Snyk on May 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's Inbox explicitly fetches notifications from Novu (via @novu/js and @novu/react) and renders workflow-provided, user-authored notification.subject/body (including optional raw HTML via dangerouslySetInnerHTML) and acts on notification.redirect.url/routerPush and notification.data for routing and actions (see SKILL.md and references/headless-inbox-examples.md and personalization.md), so untrusted third-party workflow content can be ingested and materially influence behavior.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 11, 2026, 03:50 PM
Issues: 1