fireberry

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md instructs the agent to use the Membrane CLI to run actions against Fireberry (e.g., membrane action run, and listed actions like list-notes and get-contact), which fetch and surface user-generated CRM content from the third-party Fireberry service for the agent to read and act on.