jotform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill routinely fetches and processes user-generated content from the Jotform API (e.g., endpoints like /form/FORM_ID/questions, /form/FORM_ID/submissions, and /user/submissions) and instructs the agent to read and manage that data (list, retrieve, create, update, delete, and handle webhooks), so untrusted third-party form submissions could indirectly inject instructions affecting decisions or actions.