eventee

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch Eventee data (e.g., actions like "get-reviews" and "list-participants") and to proxy arbitrary API requests via "membrane request CONNECTION_ID /path/to/endpoint", which brings in third-party, user-generated/untrusted content (reviews, attendee data) that the agent is expected to read and could influence subsequent actions.