hootsuite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch and act on Hootsuite content (e.g., "List Messages", "Get Message", "List Social Profiles" and the "Proxy requests" section) via Membrane, which exposes user-generated social media content from a third‑party service that the agent is expected to read and that could materially influence subsequent actions.