inbound-lead-enrichment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow (Step 2 "Company Research", Step 3 "Person Research", and "Tools Required") explicitly directs the agent to perform web-searches and scrape/publicly ingest content from third-party sites (company websites, LinkedIn, Twitter/social mentions, news articles and other arbitrary web pages via web search and LinkedIn scraper/Apify) and to interpret that untrusted, user-generated/public content to drive enrichment decisions and follow-up actions, which could enable indirect prompt injection.