apideck

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly instructs using Membrane to run actions and proxy requests to the Apideck API (e.g., "membrane action run ..." and "membrane request CONNECTION_ID /path/to/endpoint"), which causes the agent to fetch and interpret data from third‑party SaaS connectors and APIs (potentially user-generated/untrusted content) as part of its workflow, so third‑party content could influence subsequent actions.