storyblok

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and displays Storyblok content via Membrane actions such as "get-story" and the documented "membrane request" proxy to the Storyblok API (see SKILL.md Popular actions and Proxy requests), which exposes untrusted, user-generated CMS content that the agent is expected to read and could materially influence its next actions.