fireflies-data-handling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches user-generated content from Fireflies.ai (see GDPR/CCPA Compliance -> exportUserData calling firefliesClient.getUserData and the Quick PII Scan that runs detectPII on JSON.stringify(userData)), meaning untrusted third-party transcripts are ingested and can directly influence redaction/processing decisions.