builderio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the agent to fetch and read Builder.io content (e.g., "Get HTML Content", "Get Content by URL", "search-content", and using Membrane proxy requests) which pulls user-generated/public site pages from a third‑party CMS and can be read/interpreted to drive follow-up actions.