travis-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime actions (e.g., "Get Job Log" and the "membrane request" proxy to the Travis CI API) explicitly fetch and return third-party content such as build/job logs and repository data from public/user-managed Travis CI endpoints, which the agent is expected to read and could use to decide follow-up actions—exposing it to untrusted, user-generated content that could contain indirect prompt-injection instructions.