social-selling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow includes “Reference something specific (their post, company news, shared connection)” and “Comment on 5 ICP prospect posts,” which implies ingesting outsider-authored LinkedIn post/comment text into the agent’s LLM context for personalization (public/authenticated LinkedIn content authored by non-user parties).