reviewsio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to connect via the Membrane CLI to Reviews.io and to list/run actions that fetch and process Reviews.io data (user-generated public reviews), so untrusted third-party content will be read and could influence subsequent actions.