candidate-screening

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs pulling candidate data from Greenhouse ("pull candidates from Greenhouse manually or via the Greenhouse API" in Step 1) and to include external LinkedIn links in deep-dive reports (Step 3), so the agent is expected to ingest user-generated third-party content (applicant profiles/public LinkedIn pages) that can directly influence screening decisions.