clickup-data-handling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and processes ClickUp API data (see "Data Export for GDPR/CCPA" and the PII scanning/redaction code) which ingests user-generated task descriptions, comments, and custom fields from the public third-party ClickUp service that the agent reads and acts on (scanning, redacting, exporting), so untrusted content could indirectly inject instructions.