captain-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes using Captain Data to extract/enrich data from the open web (e.g., the "Popular actions" list and "Enrich Person" which retrieves LinkedIn profile data) and shows proxying requests through Membrane to Captain Data's API, so the agent will ingest untrusted, user-generated third‑party content as part of its workflow.