bland-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly reads user-generated Bland AI data (e.g., "Get Call Details" returns transcripts and analysis) and allows proxying arbitrary Bland AI API endpoints via "membrane request", so the agent will ingest third‑party content from an external service that could contain instructions influencing actions.