mmk-notion-comment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documented commands "list — List comments on a page" and "reply — Reply to an existing discussion thread" clearly fetch and read Notion page comments (user-generated content from a third-party service) and then act on them (composing replies), so untrusted content could influence agent actions.