cold-email-starter-kit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs the agent to fetch and crawl public third‑party websites and social sources (see references/02-campaign-strategy.md "Deep Research Protocol" — "Fetch the homepage... Systematic Page Crawling" and SKILL.md's /auto-research-public which "scrapes the target company"), and to ingest Prospeo/LinkedIn/Google Maps and other public data to generate ICPs and drive downstream actions (lead pulls, enrichment, and campaign launches), so untrusted third‑party content is read and can materially influence tool use and next steps.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Prospeo Search API (https://api.prospeo.io/search-person) is invoked at runtime by the skill to pull lead data that is injected into the agent's prompt/context to generate personalized outreach (i.e., external fetched content directly controls the agent's output and is a required dependency).