sales-lemlist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly says the AI Personalization feature "pulls data from LinkedIn profiles, company websites, and other sources to create personalized outreach" (and the API reference exposes People Database/search endpoints), so the agent is expected to ingest and act on untrusted public user-generated content from LinkedIn and websites which could influence actions.