miro-developer-app

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly directs using Membrane to run actions and proxy requests against the Miro Developer App API (e.g., "List Items on Board", "Get Text Item", and "membrane request ..."), which fetches user-generated board content from a third-party service that the agent is expected to read and could materially influence subsequent actions.