proprofs-project

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to connect to ProProfs Project via the Membrane CLI (e.g., membrane action list, membrane action run, and membrane request) to fetch project data (tasks, comments, users) from a third-party service — this content is user-generated/untrusted and is expected to be read and acted on as part of the workflow, so it could indirectly inject instructions that influence subsequent actions.