assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Web Content Extraction" and "Meeting Intelligence" workflows explicitly fetch and parse user-shared URLs and external transcripts (via "defuddle parse " and Fireflies sync/MCP server), ingesting untrusted public/web-hosted content and using it to extract decisions/action items and drive automated task/file updates, so third-party content can materially influence agent actions.