1msg

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs the agent to use Membrane actions (e.g., "Get Messages" via membrane action run / the "Get Messages" entry in the Popular actions and the "Searching for actions" / "Running actions" sections of SKILL.md) to fetch user-generated messages from 1msg, which are untrusted third-party content that the agent would read and could influence subsequent actions.