reward-gateway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly lets the agent fetch and proxy data from the Reward Gateway API via Membrane (see "Proxy requests" / membrane request CONNECTION_ID /path/to/endpoint) and the skill lists user-generated entities like Articles, Comments, and Polls that the agent would read and act on, so untrusted third-party content could influence behavior.