clay-gtm-outbound

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and reference docs (SKILL.md and references such as "Clay Signals.md" and "Clay Personalization & Sequencing on Lemlist.md") explicitly require ingesting and scraping open/public third‑party sources — e.g., LinkedIn brand mentions, website scraping, RSS/news feeds, G2/Capterra reviews, and social media — and instruct the agent to analyze those untrusted, user‑generated contents to generate signals and drive downstream actions (enrichments, email sequencing), which could allow indirect prompt injection.