zendesk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the agent will fetch and read user-generated Zendesk data (e.g., "List Ticket Comments", "List Tickets", "Search" actions and the Membrane proxy via membrane request to Zendesk endpoints), which are third-party/untrusted contents the agent is expected to interpret and that could materially influence subsequent actions.