shortcut

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill instructs the agent to use the Membrane CLI to run Shortcut actions (e.g., membrane action run / list-stories / get-story) that fetch user-generated Shortcut workspace content (stories, descriptions, comments), which the agent is expected to read and could materially influence subsequent decisions or tool use.