customer-workspace

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and auto-parses user-provided chat, email, Slack and Teams AI meeting notes (see assets/inbox.prompt.md, assets/convert-meeting-minutes.prompt.md and references/inbox-rules.md) and uses that content in automated routing and conversion, exposing the agent to untrusted user-generated third-party content that could carry indirect prompt-injection.