clickup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill routes runtime requests through Apideck's Proxy to ClickUp (see SKILL.md calling instructions using x-apideck-downstream-url to hit ClickUp endpoints) and consumes ClickUp API responses (which include user-generated content like task descriptions/comments) as part of its workflow, so untrusted third‑party content could influence agent actions.