inmobile

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly retrieves user-generated third-party content (e.g., "Get Incoming SMS Messages") via Membrane actions as shown in the "Popular actions" and "Running actions" sections, so incoming SMS and other account data from arbitrary external users could be read and influence subsequent agent actions (send SMS, update recipients, blacklist, etc.).