cirrus-labs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to use the Membrane CLI to connect to Cirrus Labs and run/discover actions whose outputs are the contents of Cirrus projects/issues/documents (third‑party API data and user-generated content) as shown in the "Working with Cirrus Labs" and "Running actions" sections of SKILL.md, so the agent will ingest and act on untrusted external content.