monday-brief
Warn
Audited by Snyk on May 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's "business-pulse" workflow (Step 1) explicitly ingests user-generated third-party content — e.g., unread Gmail flagged "needs reply", Slack DMs, HubSpot deals, PayPal/Square/QuickBooks data and calendar events with external attendees — which the agent is expected to read and summarize into actions ("Three things") that can change its decisions or follow-up behavior.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata