solve-crm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md shows it reads and runs actions against Solve CRM (e.g., "Get Contact" returns related activities/notes and the docs describe using membrane request to proxy to the Solve CRM API), which means the agent will ingest user-generated CRM notes/comments from a third-party system that could contain instructions influencing subsequent actions.