botpenguin

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows the agent fetching user-generated BotPenguin content via the Membrane connector (e.g., "List Chats", "List Inbox Users" and proxy requests), so the agent would read third‑party chat/inbox messages that could contain instructions influencing subsequent actions.