dandelion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md lists and instructs using actions that fetch public, user-generated sources (e.g., the "Search Wikipedia" and "Extract Entities" actions that link to Wikipedia/DBpedia) and tells the agent to run those actions via membrane action run, meaning the agent will read and act on third-party web content as part of its workflow.