infobip

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows the agent using Membrane to run Infobip actions and proxy requests (e.g., "Get SMS Message Logs", "Get Email Logs", and membrane request CONNECTION_ID /path/to/endpoint), which fetch user-generated/untrusted messages from third-party sources that the agent would read and could directly influence subsequent actions.