campaign-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md deep-research protocol explicitly requires fetching and crawling a prospect's homepage and linked pages (Step 1/2), extracting case studies, blog posts, LinkedIn/social media activity, job boards, BuiltWith/tech stack data, Google Maps/reviews and event attendee lists, and using those public, user-generated sources to drive targeting and messaging—i.e., the agent ingests untrusted third‑party content as a required part of its workflow that can change subsequent actions.