discourse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches user-generated Discourse forum content via Membrane actions such as "list-topic-posts" and "get-post" and via proxying requests to the Discourse API (see "Popular actions" and "Proxy requests"), meaning the agent will ingest untrusted third-party forum content that could influence its decisions or subsequent actions.