competitor-post-engagers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly calls the Apify actor harvestapi/linkedin-company-posts to scrape public LinkedIn company pages (posts, reactions, and comments) and ingests user-generated headlines and comment text which are then read and used to rank posts, score/classify engagers, and drive enrichment steps (see "Step 1: Scrape Company Posts + Engagers" in SKILL.md and the scrape_company_posts / extract_engagers logic in scripts/competitor_post_engagers.py), so untrusted third‑party content can materially influence agent decisions.