icypeas

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly lists Membrane actions that scrape public third-party sites (e.g., "Scrape LinkedIn Company" and "Scrape LinkedIn Profile" in the "Popular actions" section), so the agent will fetch and interpret untrusted, user-generated web content that can materially influence its actions.