datagma

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to run Datagma/Membrane actions and proxy requests (see "Popular actions" and "Proxy requests") that fetch social profiles, LinkedIn data, news articles and other third‑party content from the open web, which the agent is expected to read and could therefore carry untrusted/user‑generated instructions that influence subsequent decisions.