truora

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md instructs using Membrane to run actions and proxy arbitrary Truora API requests (e.g., "membrane request CONNECTION_ID /path/to/endpoint"), and the skill explicitly lists untrusted/user-generated data types such as "Social Media Profile", "Blog Post", "Forum Post", and "News Article" that the agent would read and could influence subsequent decisions.