meeting-prep

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 2 Extruct "Growth Signal" enrichment (via the Extruct MCP at https://api.extruct.ai/mcp) explicitly instructs agent-type research columns to gather and summarize public/untrusted sources (job postings, press releases, LinkedIn posts, Glassdoor, product pages, etc.), and the resulting enrichment rows are read and incorporated into the meeting briefing and suggested actions, meaning external user-generated/web content can materially influence the agent's decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill calls the Extruct MCP at https://api.extruct.ai/mcp at runtime (list_tables/create_table/add_columns/create_rows with run=true) to create agent columns containing prompts and to execute enrichment agents, so remote code/prompt execution on that URL is required for the skill to run.