fast-io

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "URL Import" workflow (upload action web-import) explicitly fetches arbitrary HTTP/HTTPS URLs — including Google Drive/OneDrive/Dropbox — and those imported files are ingested/indexed and used by the AI chat RAG pipeline (see the "URL Import" and "AI Chat" sections), so untrusted third‑party content can be read and materially influence agent decisions and actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly surfaces organization billing actions and a Stripe integration. The tool list and workflows include org billing operations (billing-plans, billing-create, billing-cancel, billing-details, billing-activate, billing-reset, billing-members, billing-meters) and the docs state that billing-create "creates a Stripe Setup Intent" and can create/update subscriptions. These are specific payment/gateway-related actions (Stripe), not generic HTTP or browser automation. Therefore the skill provides specific APIs for handling payments/subscriptions and is capable of direct financial execution.