company-contact-finder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly calls external people-search tools (apollo_person_search, fiber_person_search, crustdata_person_search, pdl_person_search) and fetch_linkedin_profile in SKILL.md Steps 2–6, ingesting public/user-generated profiles (e.g., LinkedIn and other web-sourced records) which the agent parses and uses to make decisions and outputs, creating a clear avenue for indirect prompt injection.