tax-season-organizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests third‑party data (QuickBooks P&L and vendor records, PayPal "Goods & Services" payments, Stripe payouts, and user-uploaded CSVs) as required steps in the SKILL.md (see "Pull YTD P&L from QuickBooks" and "Pull contractor payments from all sources — QuickBooks + PayPal + Stripe" and the CSV fallback), and that untrusted external content is parsed and used to decide 1099 candidates and tax calculations — so it can materially influence actions and is a vector for indirect prompt injection.