otter-waiver

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly fetches and ingests data from the third‑party Otter Waiver API via Membrane (see "Proxy requests" and the membrane action run / membrane request examples in SKILL.md), and that data (waiver templates/signers/fields) is user-generated and read/interpreted as part of the agent's workflow, so it could carry indirect prompt-injection content.