calendarific

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to fetch data from the public Calendarific API (via Membrane proxy/requests and action runs) and explicitly notes a clientAction.agentInstructions field returned by connections that the AI agent is expected to read and act on, so untrusted third‑party content from calendarific.com (and connector responses) can influence the agent's next actions.