poof

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to connect to Poof via the Membrane CLI and run actions (e.g., "membrane action run" and the "Files -> File Content" workflow) that fetch and return user-generated Poof content from an external third-party service, which the agent is expected to read and act on (output field), creating a risk of indirect prompt injection.