investor-calendar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required pre-meeting workflow explicitly instructs the agent to fetch and use open web/social content — e.g., "Pull up their LinkedIn profile and last 3 posts", "Check for any news about their fund in last 48 hours", and include "direct quote from blog, podcast, or tweet" in the auto-generated pre-meeting brief — meaning untrusted, user-generated third-party content is read and used to shape meeting actions.