sheetdb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use Membrane to query and proxy arbitrary SheetDB API endpoints (which expose Google Sheets/user-generated data) and to run actions using returned JSON, so the agent will fetch and interpret untrusted third-party content from SheetDB/Google Sheets that could influence subsequent actions.