simpletexting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to run Membrane actions and proxy requests against the SimpleTexting API (e.g., list-contacts, list-sent-campaigns, and membrane request), which fetches user-generated third-party SMS/contact data that the agent will read and could influence subsequent actions.