helium

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md instructs the agent to use the Membrane CLI to connect to the Helium platform and run actions such as get-device-events, list-integrations, and other action runs that retrieve device logs, labels, and integration data from Helium (a third-party public service), which the agent is expected to read and could materially influence subsequent actions.