kandy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md) instructs using the Membrane CLI to connect to a Kandy connection and run/discover actions (e.g., "Conversation", "Call History", "Voicemail" via membrane action list and membrane action run), which will fetch and return user-generated third-party content from Kandy that the agent is expected to read and could materially influence subsequent actions.