monday-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and uses user-generated content from Monday.com via calls like MONDAY_LIST_BOARD_ITEMS, MONDAY_LIST_SUBITEMS_BY_PARENT, MONDAY_LIST_COLUMNS and MONDAY_ITEMS_PAGE (and even raw GraphQL via MONDAY_CREATE_OBJECT), and those retrieved board items, column values, and updates are read and used by the workflow to decide and perform actions, exposing the agent to untrusted third-party content that could contain indirect instructions.