transcript-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and ingests user-generated meeting transcripts from the Fireflies.ai GraphQL API (https://api.fireflies.ai) and from Google Drive documents (scripts/gdrive_transcript_search.py), and the code and SKILL.md explicitly read and use that content (get_transcript/get_transcript_text, include_content flag, and "Transcript to Summary"/"Transcript to Voice Agent" flows) to drive summaries and downstream actions, so untrusted third-party content could inject instructions.