pm-meeting-prep

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). Outsider-authored free text is ingested when the skill calls twprojects-list_messages / twprojects-list_tasks (including task comments) and slack_read_channel / get_thread to read messages, comments, and email bodies written by other people, which are then synthesized into the agent’s LLM context.