fireflies-data-handling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches user-generated meeting transcripts from the Fireflies GraphQL API (https://api.fireflies.ai/graphql) in Step 1 and then reads/acts on transcript content and summary/action_items (e.g., syncing tasks in Step 4 and applying retention logic), meaning untrusted third-party transcript text can materially influence agent behavior.