supabase-csharp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md and references) explicitly instructs the agent to fetch and subscribe to data from arbitrary Supabase projects—e.g., Database queries via supabase.From().Get(), Realtime channel handlers reading change.Payload.Data, Storage downloads/GetPublicUrl, and Edge Functions Invoke—i.e., untrusted/user-provided backend content that the agent would read and could materially influence subsequent actions.