ultramsg

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow instructs the agent to run Membrane actions against an UltraMsg connection (e.g., "List Messages", "List Chats", "List Contacts" via membrane action run) which fetches user-generated WhatsApp content from third-party sources that the agent would read and could influence subsequent actions.