wobaka

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use the Membrane CLI to run actions against Wobaka (e.g., "membrane action run --connectionId=... --json" in the "Running actions" / "Working with Wobaka" sections), which fetches user-generated customer feedback from a third‑party SaaS and that untrusted content would be read and could influence subsequent actions.