justcall

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to use Membrane to run JustCall actions and proxy requests (e.g., "Get Text", "List Texts", "List Contacts" and "membrane request ...") which causes the agent to fetch and read user-generated third-party content (SMS/call/contact data) from the JustCall service that could contain instructions influencing subsequent actions.