intercom

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch and read user-generated Intercom content (e.g., "List Conversations", "Get Conversation", and "List/Get Article" API calls in the core APIs and workflows), so untrusted third‑party messages/articles from customers are ingested and used to drive replies/assignments, enabling indirect prompt injection.