awesome-support

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly reads and acts on user-generated content from third-party Awesome Support instances via Membrane commands (e.g., "membrane action run" and "membrane request" in the SKILL.md "Popular actions" and "Proxy requests" sections), so the agent will ingest and use untrusted ticket/customer data that could contain injected instructions.