box-legal-workflows-ma

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill ingests and analyzes documents uploaded to Box (see Phase 2 "Upload/copy" and Phase 4 which calls search_files_keyword, ai_qa_multi_file, and ai_extract_structured_from_fields_enhanced), meaning it reads user-provided/external-party content in the repository that can directly influence tool actions and decisions.