goto-webinar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent calling Membrane actions (e.g., list-registrants, list-session-attendees) that fetch user-generated, untrusted data from the GoTo Webinar platform via the GoTo Webinar API, and the agent is expected to read/interpret those results (output JSON) as part of its workflow which could influence subsequent actions.