meeting-brief-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs required Tavily web searches and ingests the returned public search results into the synthesis step (see SKILL.md Step 3 "Research with Tavily" and Step 4 where Tavily results are injected into the Gemini request), so untrusted third‑party content from arbitrary web pages can directly influence the agent's generated talking points and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime POST requests to https://api.tavily.com/search (via curl) to fetch research results that are directly injected into the Gemini generation request (i.e., model context) and the skill requires TAVILY_API_KEY to run, so this external content directly controls prompts at runtime.