kanban-tool

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and ingests user-generated content from the Kanban Tool API (e.g., via the listed actions like "get-task", "get-board", "get-board-changelog" and the "membrane request" proxy described in SKILL.md), so untrusted third-party task/comments/attachments could be read and influence subsequent agent actions.