supabase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's CLI explicitly fetches and ingests data from an arbitrary Supabase project (e.g., REST endpoints in scripts/supabase.sh such as cmd_select/cmd_query and cmd_vector_search which calls the project's RPC match_ and returns documents.content and metadata), so untrusted/user-generated database content can be read and influence subsequent actions (e.g., vector-search results used in agent workflows), enabling indirect prompt injection.