successeve

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to call Successeve via the Membrane CLI (e.g., membrane action list, membrane action run, and membrane request) which fetches and interprets data from the third‑party Successeve API (potentially user‑generated/untrusted content) as part of the workflow, so external content could influence subsequent actions.