scaledrone

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly directs the agent to connect to and run Membrane actions (action list / action run) and to proxy requests to the Scaledrone API to read Room/Message data (user-generated chat content) from a third-party service, so untrusted external content would be fetched and could influence agent actions.