smugmug

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill (SKILL.md) directs the agent to fetch and act on user-generated SmugMug content via Membrane (e.g., actions like list-album-images, get-image, get-image-metadata and subsequent update-image/delete-image), meaning the agent will ingest untrusted third-party content from SmugMug that could materially influence its decisions or tool use.