edlink

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill instructs the agent to connect to external Edlink integrations via the Membrane CLI and run actions (e.g., "membrane action run ...", whose "output" field returns remote data such as student assignments or other user-generated content) — these are untrusted third-party sources the agent is expected to read and could materially influence subsequent actions.