business-contact-social-links-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly invokes BrowserAct workflows to search Google and to scrape arbitrary public websites for social links (see SKILL.md and scripts/business_contact_social_links.py which send the target to BrowserAct templates that crawl/search third‑party sites), so the agent ingests untrusted public web content as part of its workflow.