arcgis-online

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent uses Membrane to connect to ArcGIS Online and run actions that fetch user-generated/public content (e.g., search-items, get-item, get-group-content, get-user-content) from ArcGIS Online, which the agent is expected to read and could influence subsequent actions.