fireflies

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to fetch and read Fireflies meeting data (e.g., "Get Transcript", "List Transcripts") and allows arbitrary proxy requests via membrane request CONNECTION_ID /path/to/endpoint, which exposes user-generated/untrusted meeting transcripts and content from a third-party service that the agent is expected to interpret and that could influence subsequent actions.