amity

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md instructs the agent to use the Membrane CLI to connect to an Amity instance and run actions that access user-generated "Post", "Message", "Channel" and other Amity data (via membrane action run / action list), so the agent will fetch and interpret third-party user content that could contain instructions.