meeting-machine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Pre-Step 2 explicitly instructs the agent to pull and analyze attendee data from connected Gmail, CRM, Slack, and "LinkedIn / web" (SKILL.md – Pre-Step 2: Research Attendees), which are untrusted/user-generated third‑party sources that the agent must read and use to build profiles, agendas, and action items—allowing external content to materially influence decisions and next actions.