crm-prospect-mining

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs web searches for LinkedIn company pages (agents/company-linkedin-finder.md, Phase 2 Step 3) and scrapes LinkedIn via the Apify actor (references/apify-company-scraper.md, Phase 2 Step 4), ingesting public third‑party content that the agent reads and uses (company_size_on_linkedin) to decide which leads to surface and what actions/tools to invoke.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill invokes the Apify actor call-actor(actor="scrapeverse/linkedin-company-profile-scraper-pay-per-event", ...) at runtime to scrape LinkedIn pages — this remotely-executed actor code is relied on as a required dependency for the skill's operation and thus represents a runtime external code execution dependency (scrapeverse/linkedin-company-profile-scraper-pay-per-event).