meeting-followup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated meeting transcripts and summaries from Fireflies via fireflies_get_transcript and fireflies_get_summary (and also uses Gmail search for calendar/invite content), and the agent is required to read and act on that third-party content to generate summaries and draft follow-up emails, so untrusted content could influence its actions.