lessonspace

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md) includes actions like "Get Session Transcript" and other Membrane-backed fetches (e.g., list-sessions, list-spaces, get-session-recording-url) that retrieve user-generated third-party Lessonspace content which the agent is expected to read/interpret as part of its actions, so untrusted content could carry instructions that influence behavior.