sales-arrfounder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and examples explicitly instruct the agent to read and act on public, user-generated content—notably Twitter/X bios and tweets and Arrfounder web pages (arrfounder.com/database and profile pages)—and uses those third-party disclosures (MRR/ARR extracted from bios) to drive decisions like submission, ranking, and remediation, which creates a clear vector for indirect prompt injection.