coda

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches and displays arbitrary user-generated Coda document content via the Coda API (e.g., DocsCommands.get calls /docs/{doc_id}, RowsCommands.list reads /docs/{doc_id}/tables/{table_id}/rows, PagesCommands.list reads /docs/{doc_id}/pages and print_json/CSV output surfaces that data), so it ingests untrusted third‑party content that could contain indirect prompt injections.