fast-meeting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 1: "If an issue is referenced: Fetch the issue details (description, labels, comments)") ingests user-generated content from GitHub/GitLab issues and Step 3 explicitly includes that issue content in the persona/sub-agent prompts used to decide and trigger autonomous implementation, so untrusted third-party text can materially influence actions.