gitea

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's runtime workflow explicitly reads and lists user-generated content from external Gitea instances (e.g., "List Issue Comments", "Get Issue", "Get Pull Request") and allows arbitrary API proxying via Membrane, exposing the agent to untrusted third-party content that could influence its actions.