memory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly issues GET requests to a configurable mixlab endpoint (GET {MEMORY_API_BASE_URL}/api/agent/v1/memories as shown in SKILL.md and scripts/query.js) to retrieve user-generated "memories" which the agent reads, summarizes, and uses in its workflow, so untrusted third-party content could inject instructions that influence subsequent behavior.