easysendy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to use the Membrane CLI to connect to EasySendy and run actions (e.g., membrane connect, membrane action list, membrane action run) which fetch subscriber lists, email templates, and other user-generated EasySendy data from a third-party service that the agent is expected to read and act on.