assembla

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly exposes fetching and reading user-generated Assembla content (e.g., "List Ticket Comments", "Get Ticket", "List Tickets" in the Popular actions and Working with Assembla sections) via Membrane actions, so the agent will ingest untrusted third‑party tickets/comments/wiki content that can influence subsequent actions.