p-ego-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). Outsider free text can enter the LLM context via runtime retrieval of Slack/Fireflies/GitHub message bodies/transcripts (e.g., slack_search_public_and_private results and later slack_read_channel full threads; fireflies_search/fireflies_get_transcripts sentences/transcripts; gh fetching issue/PR/discussion content), which are authored by non-operating users.