wb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs the agent to use the Membrane CLI to list and run actions against a W&B connection (e.g., membrane action list --connectionId=... and membrane action run ...), which ingests user- or third-party-generated W&B project/run/artifact data and action descriptions that the agent is expected to read and act upon, creating a clear path for untrusted content to influence behavior.