gupshup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly shows executing Membrane actions and proxying requests to the Gupshup API (e.g., "membrane action run --connectionId=CONNECTION_ID ACTION_ID" and "membrane request CONNECTION_ID /path/to/endpoint" in SKILL.md), which can return untrusted, user-generated messaging content that the agent would read and could alter subsequent actions.