the-graph

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly tells the agent to use Membrane action run and membrane request (proxying arbitrary /path/to/endpoint) against The Graph public API/subgraphs, so the agent will fetch and interpret untrusted, public third‑party content that can affect subsequent actions.