email-personalization

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires ingesting an "enriched lead list" that may include LinkedIn profiles, LinkedIn posts, and "general web intelligence" and the workflow/ rules (e.g., "Before You Start" bullet 1 and the "LinkedIn Post References" section of SKILL.md) instruct the agent to read and act on that public, user-generated content, which could carry indirect prompt-injection risks.