resend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to call Resend via Membrane (e.g., "membrane action run", "membrane request" and actions like list-emails/get-email), which fetches user-generated/untrusted email/templates from a third-party service and the agent is expected to read/act on that content.