bolna-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directs the agent to call RUBE_SEARCH_TOOLS against the external Rube MCP/Composio endpoints (e.g., https://rube.app/mcp and composio.dev/toolkits/bolna) to fetch tool schemas, recommended execution plans, and tool results which the agent must read and act on, exposing it to untrusted third-party content that could contain indirect prompt injection.