gigasheet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly lists an "upload-from-url" action (under "Popular actions") and instructs running Membrane actions and reading their outputs, meaning the agent can fetch and ingest files from arbitrary URLs (untrusted third‑party content) which could be interpreted and influence subsequent actions.