integrate-any-external-app

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's workflow (see SKILL.md "Step 1: Get a Connection", "Step 2: Get an Action", and "Step 3: Run an Action") explicitly connects to external apps (e.g., Slack, HubSpot, Salesforce) via the Membrane API and runs actions whose outputs (action results/output fields) the agent is expected to read and act on, meaning it ingests untrusted/user-generated third‑party content that could contain instructions influencing later actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill calls Membrane's endpoints (https://api.getmembrane.com and https://getmembrane.com) at runtime to create agent sessions whose returned content/summaries drive connector-building instructions, so external content directly controls prompts and is a required dependency.