resend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md shows the agent will connect to the Resend service via the Membrane CLI and run actions such as "list-emails" and "get-email" (membrane action run …), which fetch and expose user-generated/untrusted email content from a third-party service that the agent is expected to read and that could materially influence subsequent actions like sending emails.