channel-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 3 ("Show me the 10 most recent messages in the '' channel..." in SKILL.md) explicitly fetches user-generated Microsoft Teams channel messages (untrusted third-party content) and uses them to classify channels and recommend actions (e.g., archive/merge), so those external messages could inject instructions that influence tool use.