announcekit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs using the Membrane CLI to run actions like "list-posts", "get-post", "list-feedbacks" and to proxy requests to the AnnounceKit API (e.g., membrane action run and membrane request), which will fetch and surface user-generated/public AnnounceKit content that the agent is expected to read and could influence its subsequent actions.