agent-teams

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and ingests user-generated Microsoft Teams content (e.g., "recent messages" returned by agent-teams snapshot and message list as shown in SKILL.md and references/common-patterns) and multiple templates (e.g., templates/monitor-channel.sh and common-patterns) explicitly parse message content and even auto-respond, so untrusted third‑party messages can influence agent actions.