captain-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly uses Captain Data via Membrane to run actions such as "Enrich Person" and "Enrich Company" that ingest and return data from public LinkedIn profile and company URLs (public, user-generated web content), so the agent will read and act on untrusted third‑party content as part of its workflow.