teamsupport

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to connect via Membrane and run actions (e.g., membrane action list / membrane action run) against a TeamSupport connection to retrieve tickets, KB articles and other user-generated data, which are third‑party/untrusted content the agent will read and could influence its actions.