surveycto

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md instructs the agent to run Membrane actions and proxy requests against the SurveyCTO API (e.g., "membrane action run" and "membrane request ...") to fetch form data and submissions, which are user-generated/third-party survey content that the agent is expected to read and could materially influence subsequent actions.