securitytrails

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md instructs the agent to run actions and proxy arbitrary requests against the external SecurityTrails API via Membrane (see "Running actions" and "Proxy requests"), which ingests public internet/WHOIS/DNS/subdomain data from untrusted third-party sources that the agent is expected to read and could materially affect subsequent actions.