email-finder-tomba

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests public, user-generated web content via endpoints like "author-finder" (accepts arbitrary article URLs), "linkedin" (accepts LinkedIn profile URLs), "domain-search" and "email-sources" (returns emails and sources found on the open web), so the agent will read/interpret untrusted third‑party webpages as part of its workflow.