convoloai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows it uses the Membrane CLI to fetch and run actions against the third-party Convolo.ai service (e.g., list-call-reports, get-project) which returns user-generated call transcripts/lead data that the agent is expected to read and can materially influence follow-up actions like initiating calls or updating contacts.