matterport

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly instructs the agent to connect to a Matterport account via the Membrane CLI (e.g., "membrane connect --connectorKey matterport") and to discover and run actions ("membrane action run ...", with results in the output field), which means the agent will fetch and read user-generated third-party Matterport content as part of its workflow and that content could influence subsequent tool use or decisions.