dux-soup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md instructs the agent to connect to Dux-Soup (a LinkedIn automation tool) via the Membrane CLI and run actions that read profile data, activity logs and messages from LinkedIn — untrusted, user-generated third-party content that the agent would ingest and could influence subsequent actions.