trello-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflows explicitly call Trello read APIs (e.g., TRELLO_GET_MEMBERS_BOARDS_BY_ID_MEMBER, TRELLO_GET_BOARDS_BY_ID_BOARD, TRELLO_GET_SEARCH) to fetch user-generated Trello boards, lists, cards, comments, and attachments and then use that content to resolve IDs and drive actions (create/move/update), so untrusted third‑party content can influence agent decisions and tool use.