biz-ops-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and ingests untrusted external content (e.g., files and git repos listed in _datasources/external-paths.md and external-folders.template, OneDrive/Customer external folders, and user-pasted Teams chats/emails) as part of report generation and data-collection workflows (see report-generator's "External Data Source Integration" and data-collector/ external-folders check scripts), which exposes the agent to third-party/user-provided content that could carry indirect prompt injection.