clickup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's runtime commands explicitly fetch and read user-generated ClickUp content (e.g., SKILL.md/README commands like clickup comments <url-or-id>, clickup doc <doc_id>, and clickup page <doc_id> <page_id>), so it ingests untrusted third-party docs, tasks, and comments that could contain instructions influencing agent actions.