lifterlms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to use the Membrane CLI to connect to external LifterLMS instances and run actions like "list-courses" and "get-lesson" (see "Popular actions" and "Running actions"), which causes the agent to fetch and read user-generated course/lesson content from third-party WordPress sites that could influence subsequent decisions.