tomba

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs the agent to connect to the Tomba service via the Membrane CLI (e.g., membrane connect and membrane action run ...), which fetches prospect/company data from an external public third‑party service (Tomba) and returns output that the agent is expected to read and act on, so untrusted third‑party content could influence subsequent tool use.