gleap-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow calls MCP tools (mcp__gleap__get_ticket, mcp__gleap__get_ticket_messages, mcp__gleap__get_ticket_activity_log) to fetch Gleap tickets and messages from app.gleap.io — user-generated, untrusted support content that the agent is instructed to read and use to produce analyses, so it could carry indirect prompt injections.