my-meeting-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches meeting notes from ClickUp (via scripts/tools/clickup_meeting_notes.py using a ClickUp URL or list), which are untrusted/user-generated third‑party content that the agent reads and interprets to create digests and drive memory updates/Notion actions, so external content could materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill accepts a user-provided ClickUp URL at runtime (python3 scripts/tools/clickup_meeting_notes.py url "{URL}") and fetches that ClickUp note content which is then injected into the model context to generate digests, so the external content directly controls prompts/outputs.