timecamp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs running the data pipeline which fetches TimeCamp datasets (entries, tasks, computer_activities, users, application_names) into JSONL files at ~/data/timecamp-data-pipeline/timecamp/*.jsonl — and the agent is expected to read and query those user-generated/untrusted entries with DuckDB (it also clones public GitHub repos), so it ingests third-party user content that could contain injected instructions.