sales-clearcue

Warn

Audited by Snyk on Jun 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Clearcue’s REQUIRED runtime workflow can ingest outsider-authored free text via MCP/Webhook payloads that include lead “signal_context” (e.g., engagement details from LinkedIn/X/Reddit/news/job posts) which are not authored by the operating user, and that text is returned to the agent in markdown/CSV for LLM context.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 14, 2026, 12:20 AM
Issues
1
Security Audit — snyk — sales-clearcue