iblai-profile

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads user-generated data from platform APIs—e.g., the Mentor Metadata endpoints (GET/POST {dmUrl}/api/ai/mentor/orgs/{org}/users/{username}/metadata) and the AI Profile Memory API (GET {dmUrl}/api/ai-mentor/…/ai-user-profile-memory/)—and states these arbitrary JSON/tag-detail values are used for onboarding, feature flags and AI memory, meaning untrusted third-party content is ingested and can materially influence behavior.