time-tracking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill fetches and ingests user-generated time entry data from third-party APIs (e.g., Toggl via get_time_entries and the ProjectTimeAttributor.process_entries in SKILL.md) and directly reads/uses entry "description" fields to decide and perform updates (project assignment), so arbitrary third‑party content can influence agent actions.