trello-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill retrieves user-generated Trello content from the Trello REST API (see index.js functions like listBoards, getCards, getCard, and getComments) and the SKILL.md demonstrates workflows where the agent reads boards/cards/comments, so untrusted third-party content could influence decisions and subsequent tool actions.