mentionlytics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to connect to Mentionlytics via the Membrane CLI and to run actions (e.g., membrane action list / membrane action run) that fetch "posts" and "sources" from the web and social media, which are untrusted user-generated third-party contents the agent would read and could influence subsequent tool use or workflows.