sales-clay

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly describes Claygent browsing and scraping the public web (references/platform-guide.md: "Claygent — browses the web, searches databases, extracts structured data") and documents HTTP API actions and inbound webhooks that call or ingest arbitrary external endpoints (references/clay-api-reference.md), so untrusted third‑party content can be fetched and materially influence downstream workflow decisions.