sales-leadmagic

Warn

Audited by Snyk on Apr 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests public third-party content — e.g., Profile Search takes LinkedIn/B2B profile URLs and Ads Search returns ad copy and landing-page URLs — as shown in SKILL.md and references/leadmagic-api-reference.md, and those results are intended to be read and used by the agent (via the MCP tools) to drive actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs running remote code at runtime via "npx leadmagic-mcp" (package / repo: https://github.com/LeadMagic/leadmagic-mcp), which fetches and executes external code to provide an MCP server that directly exposes tools controlling AI agent behavior.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 20, 2026, 06:36 PM
Issues: 2