leadpops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use the Membrane CLI to connect to Leadpops and run actions like list-leads / get-lead which fetch user-submitted lead data from the third-party Leadpops service, so untrusted external content will be read and could influence subsequent actions.