publisherkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's SKILL.md explicitly instructs using Membrane to run actions like "Get Post" / "List Posts" and to proxy requests to PublisherKit endpoints (e.g., membrane request CONNECTION_ID /path/to/endpoint), which causes the agent to fetch and interpret user-generated third-party content from PublisherKit that could influence subsequent actions.