clickup-migration-deep-dive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workspace-to-workspace and migration routines explicitly fetch and ingest user-generated ClickUp tasks via the ClickUp API (see cloneListBetweenWorkspaces fetching https://api.clickup.com/api/v2/list/{sourceListId}/task and the migrateItems/validateMigration functions that read task names/descriptions/statuses), so untrusted third-party task content is read and then used to drive subsequent API actions.