migma-public-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and CLI mapping explicitly list a projects import command (migma-cli → projects.importAndWait) which ingests arbitrary external URLs, and the skill also supports email generation with --reference, so untrusted third‑party content fetched via that URL can be read and materially influence agent behavior.