clickup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill invokes the ClickUp CLI to read tasks, comments, docs and pages (e.g., clickup get, clickup comments, clickup doc, clickup page) as shown in SKILL.md and README, which pulls untrusted, user-generated content from public/third-party ClickUp workspaces that the agent is expected to read and that could influence subsequent actions.