typeform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly exposes actions that fetch Typeform data (e.g., list-responses, get-form, list-forms and proxy requests via Membrane) which are user-submitted/untrusted third-party content that the agent is expected to read and could thus inject instructions affecting subsequent actions.