chatra

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md lists actions that retrieve and display Chatra visitor messages and client data (e.g., "Get Message", "Get Pushed Message", "Get Client") and also allows arbitrary proxy requests via membrane request to the Chatra API, meaning the agent will fetch and interpret untrusted, user-generated third‑party content from the Chatra platform as part of its workflow.