46elks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly exposes actions like "Get SMS" and "List SMS" and shows using membrane action run ... to retrieve outputs from the 46elks service, meaning the agent will fetch and consume untrusted, user-generated SMS/MMS content from a third-party provider (46elks) which could contain instructions that influence subsequent actions.