portaly-email

Warn

Audited by Snyk on May 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly fetches and ingests content from public Portaly endpoints. For example, SKILL.md Mode B Step B2 and references/self-hosted-waitlist.md show GET/POST to https://portaly.ai/api/waitlist/{creatorSlug}, and the Sending a Campaign sections and tools read saved campaign bodyHtml/subject and vibe_get_campaign_analytics. This is third-party public/user-provided data that the agent must read and that materially influences actions such as drafting/sending campaigns and wiring syncs.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 9, 2026, 12:52 PM
Issues: 1