doc-coauthoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs the agent to fetch and read content from user-provided shared documents and team channels via third-party integrations (e.g., "If they provide a link to a shared document, use the appropriate integration to fetch it" and mentions Slack, Teams, Google Drive, SharePoint in Stage 1 of SKILL.md), so untrusted external/user-generated content would be ingested and used to drive drafting and sub-agent testing.