kickofflabs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use Membrane actions and proxy requests to fetch KickoffLabs data (e.g., "Get Lead", "List Campaign Actions", and the "membrane request" proxy) which are third‑party, user-generated/untrusted campaign/lead contents that the agent is expected to read and that can directly influence subsequent actions like tagging, blocking, or running additional requests.