meeting-brief-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly runs multiple Tavily searches against public web content (SKILL.md Step 3) and inserts all Tavily search results (titles, URLs, snippets) into the Gemini synthesis request (SKILL.md Step 4), meaning untrusted third‑party webpages and user‑generated content are ingested and directly influence the agent's outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill performs runtime POST requests to https://api.tavily.com/search to retrieve research results that are injected into the Gemini request payload (replacing RESEARCH_RESULTS_AND_INSTRUCTIONS_HERE), meaning remote content from Tavily directly controls the model prompt and Tavily access is required (TAVILY_API_KEY).