exa-lead-gen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md requires calling exa-deep.deep_search_exa with objectives like "web scraping" and "news" to research and enrich companies, indicating the agent fetches and ingests public third-party web content (websites/news/contact data) which it then reads and uses to score and select leads, creating a clear avenue for indirect prompt injection.