n8n-syntax-trigger-nodes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow examples and methods (e.g., references/examples.md "Example 5: Polling Trigger" which polls an arbitrary Resource URL via this.helpers.httpRequest, the webhook examples that ingest request bodies with getBodyData(), and webhookMethods that call external APIs like https://api.external.com) explicitly fetch and consume untrusted third‑party content which is then passed into and can change workflow behavior, enabling indirect prompt injection.