sendpulse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to run Membrane actions and proxy requests to the SendPulse API (see "Running actions" and "Proxy requests"), which fetches arbitrary SendPulse account data and user-generated content that the agent will read and act on—exposing it to untrusted third-party content that could embed instructions.