tapd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent calling the TAPD API to fetch user-generated content (e.g., get_stories_or_tasks, get_comments, get_wiki and parsed description/images) from TAPD workspaces, and those returned comments/wiki/descriptions are read and used in the workflow (see the "Claude 使用方式" and command examples), so untrusted third‑party content could inject instructions that influence subsequent actions.