contact-enhance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly states Contact Enhance "enriches contact information with publicly available data" and instructs the agent to run Membrane actions (e.g., membrane action run <actionId> ...) whose outputs the agent will consume, meaning it ingests untrusted third‑party public data as part of its workflow.