sourceforge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to connect via the Membrane CLI to Sourceforge (a public, user-generated site) and to run actions that fetch project files/folders/users whose outputs the agent is expected to read/interpret (see "Connecting to Sourceforge" and "Running actions"), so untrusted third‑party content could materially influence its behavior.