kickofflabs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly fetches and ingests third-party, user-generated data from KickoffLabs via Membrane (see SKILL.md "Popular actions" like Get Lead, List Campaign Lead Tags and the membrane action run commands which return output the agent is expected to read), so untrusted campaign/lead content could influence agent decisions or subsequent actions.