bigpictureio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to fetch and proxy data from the Bigpicture.io API (see "Proxy requests" / membrane request) and to run actions that return user-generated resources such as Comments, Help Articles, Attachments and other project data, which the agent would read and could materially influence subsequent actions.