vryno

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md requires using the Membrane CLI to connect to a Vryno connection and run commands like "membrane action list" and "membrane action run", which fetch action descriptions/output/input schemas from an external Vryno instance (https://vryno.com/docs) that the agent must read and use to choose and execute actions, exposing it to untrusted third‑party content.