sales-revenue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow (SKILL.md and reference files such as reference/outreach.md and the 6-agent architecture) explicitly requires agents like RESEARCHER and ENRICHER to fetch and scrape public third-party sources (company websites, LinkedIn, BuiltWith/Wappalyzer, Apollo/Clay lookups, Clearbit/ZoomInfo/Hunter.io, and Playwright scrapers) and uses that untrusted, user-generated content to score leads and drive outreach decisions, so external content can directly influence tool actions.