junip

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs using Membrane to call Junip APIs (see "Popular actions" like list-reviews/get-review and the "Running actions"/"Proxy requests" sections) which will fetch user-generated customer reviews from Junip (an open/public review platform) that the agent is expected to read and could materially influence actions, so it exposes the agent to untrusted third-party content.