transform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs using "membrane action run" and the "Proxy requests" flow to fetch data from the external TransForm API (e.g., forms, posts, comments, templates), so the agent will ingest and act on untrusted, user-generated third‑party content returned by those endpoints as part of its workflow, which could enable indirect prompt injection.