leadiq

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly states LeadIQ "find and capture contact information for leads directly from LinkedIn and company websites" and the listed actions (e.g., search-people, search-company) use Membrane to fetch that external LeadIQ data, so the agent will ingest untrusted/user-generated public web/social content as part of its workflow.