ghost

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly exposes actions like "List Posts", "Get Post", and "List Pages" that use Membrane to fetch content from a Ghost site (user-generated/public blog posts/pages), which the agent would read and could have that content influence its subsequent actions.