smooch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly instructs the agent to use the Membrane CLI to interact with Smooch data (see "This skill uses the Membrane CLI to interact with Smooch" and the "Conversation
• Message
• User" sections and the membrane action run examples), which means the agent will fetch and read user-generated messages from third-party customers that could contain untrusted instructions influencing subsequent actions.