holobuilder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill exposes the agent because SKILL.md instructs using the Membrane CLI to run actions and proxy requests against the HoloBuilder API (e.g., "membrane action run ..." and "membrane request CONNECTION_ID /path/to/endpoint"), which pulls user-generated/untrusted content from HoloBuilder that the agent would read and could materially influence subsequent actions.