hashnode

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and proxy public Hashnode content via Membrane actions (e.g., get-post, list-posts, get-user and membrane request), which are untrusted, user-generated posts/comments that the agent would read and could materially influence follow-up actions like add-comment, update-post, or publish-post.