apify-link-prospecting-outreach

Warn

Audited by Snyk on May 26, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly runs the Apify actor "apify/link-prospecting-tool" which scrapes public SERPs and multiple LLM search outputs and crawls article pages via the Website Content Crawler (see SKILL.md Steps 3–4 and the WCC/_wcc.json references), and those crawled third‑party page bodies are read by per‑row sub‑agents and directly drive placement decisions and generated outreach emails—so untrusted web content is ingested and can materially change the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill explicitly calls Apify's Website Content Crawler (https://apify.com/apify/website-content-crawler) at runtime to fetch arbitrary article page bodies which are then injected into per-row sub-agent prompts to generate placement text and outreach emails, so remote page content directly controls the model's prompts and is a required runtime dependency.

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 26, 2026, 11:39 PM
Issues: 2