formbricks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows runtime actions that retrieve user-generated Formbricks data (e.g., "List Responses", "Get Response", "List People") via membrane action run and states "The result is in the output field", meaning the agent will fetch and read untrusted third-party survey/people content from Formbricks.