cloudback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md directs the agent to use the Membrane CLI to run actions against Cloudback (and linked SaaS like Jira, Trello, GitHub) with results returned in the action "output" field, which means the agent will ingest and act on arbitrary user-generated/third-party data from those services.