call-summary

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly pulls full transcripts from third-party conversation platforms (e.g., "Transcripts connected (e.g. Gong, Fireflies): I'll search for the call automatically / Pull the full transcript") and then reads and acts on that untrusted user-generated content to extract action items, draft follow-ups, and update CRM/email—allowing indirect instructions in those transcripts to influence agent behavior.