slack-memory-store

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and processes untrusted, user-generated third‑party content — e.g., Confluence imports and external news (references/classification-guide.md "Confluence Documents" and "News Articles" and the "external/news" folder), Slack message threads, and "any custom data sources" via scripts/add_memory.py — and the agent is expected to read and classify that content as part of its workflow.