avochato

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs using Membrane actions like "Search Messages", "Get Message", and "List Messages" to fetch Avochato conversation and contact content (external, user-generated messages), so the agent will ingest and act on untrusted third-party messaging content from Avochato which could carry instructions that influence subsequent actions.