teams-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The required runtime workflow ingests outsider-authored free text from the source MS Teams chat via the MCP tool mcp__teams-mcp__get_chat_messages (chat messages are not authored by the operating user), then passes that message content/from into the LLM context for processing/formatting and ultimately into Tools/MigrateChat.mjs for posting.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill instructs running the command "npx @floriscornel/teams-mcp@latest authenticate" at runtime to obtain/repair authentication, which fetches and executes remote npm package code and is required for the skill to proceed (so it is a runtime external code execution dependency).