progress-sitefinity

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly allows sending arbitrary proxied requests to a Sitefinity instance via "membrane request CONNECTION_ID /path/to/endpoint", which means the agent will fetch and interpret content from third-party Sitefinity sites (potentially public/user-generated) that can influence subsequent actions.