live-dashboard

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly wires runtime polling to third-party provider data: SKILL.md and references/connectors.md require emitting connectors.json and the artifact calls POST /api/od/connectors/poll (resolved to providers like composio.notion) so the agent ingests untrusted, user-generated workspace content (tasks, activity, titles) that directly drives rendering and change-driven actions.