goose

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use the Membrane CLI to connect to the Goose SaaS and to run/discover actions (e.g., "membrane action list" and "membrane action run"), which will fetch and return Goose-managed social media/user-generated content that the agent is expected to read and could influence subsequent actions.