jira-teams

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the agent to send arbitrary downstream requests to Apideck's proxy (https://unify.apideck.com/proxy with x-apideck-downstream-url set to a Jira Teams endpoint) and states Apideck returns Jira Teams's raw responses, meaning the agent will ingest and act on untrusted, user-generated third-party content (issues/comments) from Jira.