email-campaign

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md workflow explicitly directs the agent to fetch and ingest data from external public APIs via the gooseworks proxy (e.g., hunter domain-search/email-finder, fiber/sixtyfour enrich, brand-dev company context in Steps 1, 5, and 6), and that untrusted third-party content is then used to personalize outreach and drive follow-up actions, exposing the agent to indirect prompt injection risk.