sales-trustmrr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs use of TrustMRR's public REST API (see SKILL.md "Use when ... querying the TrustMRR API" and references/trustmrr-api-reference.md with GET /startups and GET /startups/{slug}), which returns public, user-provided startup listings that the agent is expected to read and act on—exposing it to untrusted third-party content that could carry indirect prompt-injection instructions.