teamwork-desk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly retrieves user-generated content from Teamwork Desk (e.g., "List Ticket Messages" and "Get Ticket" in the "Popular actions" section and the "Running actions"/"Proxy requests" instructions using Membrane), so the agent will fetch and read untrusted third-party ticket/message text that could contain embedded instructions.