apollo-lead-finder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly calls Apollo's public APIs (e.g., SKILL.md references POST https://api.apollo.io/api/v1/mixed_people/api_search and scripts/apollo_client.py implements search_people and bulk_enrich_people), ingesting profile data (names, titles, LinkedIn URLs, etc.) that the agent reads and uses to decide which leads to enrich, deduplicate, list, or export, so untrusted third‑party content could materially influence its actions.