simplehash

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to connect to the third‑party SimpleHash service via Membrane (e.g., "membrane connect --connectorKey simplehash" and "membrane action run ...") and to read action outputs (wallets, transactions, attributions, user data), so the agent will ingest and act on external, potentially user‑generated/untrusted NFT data from SimpleHash.