sitespeakai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill instructs the agent to call arbitrary SiteSpeakAI endpoints (via the "Proxy requests" / membrane request CONNECTION_ID /path/to/endpoint and "Running actions" / membrane action run commands in SKILL.md) and thus can ingest untrusted, user-generated website/chatbot/training data from a third-party API that could influence subsequent actions.