coperniq

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md) instructs the agent to use the Membrane CLI to connect to Coperniq and run actions (e.g., membrane action list and membrane action run) that fetch and return Coperniq data such as clients/contacts/work-orders — third-party/untrusted content the agent is expected to read and that can materially influence follow-up actions like creating/updating/deleting records.