sales-anymailfinder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests data from open/public third-party sources (e.g., LinkedIn profile URLs and arbitrary websites via the Chrome Extension) — see SKILL.md Step 1 option D and the references/platform-guide.md "Find Email by LinkedIn URL" and Chrome Extension entries — and the agent reads and acts on those results (emails, statuses, LinkedIn URLs) to drive follow-up actions like outreach, so untrusted user-generated content could influence behavior.