jazzhr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch and run actions or proxy requests against the third‑party JazzHR API via Membrane (see "Connecting to JazzHR", "Running actions", and "Proxy requests"), which ingests applicant/user-generated content from an external service that the agent is expected to read and use to decide or trigger further actions, creating a risk of indirect prompt injection.