textline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs using Membrane to query and proxy the Textline API to read Conversations/Messages and other customer-generated data (see "Textline Overview" and "Working with Textline" / proxy requests), so the agent will ingest untrusted third-party user content that could influence actions.