mailchimp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to fetch and read Mailchimp API endpoints (e.g., https://us1.api.mailchimp.com/3.0/lists, /campaigns, /templates, /search-members), which return audience members, campaign content, templates and reports that can be user-generated/untrusted and could materially influence subsequent actions.