clay

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly describes ingesting public/user-generated content (e.g., LinkedIn posts, Twitter/X profiles, Google News, company websites and public API/docs) via Clay enrichment and using those fields (for AI-generated "Personalized Opener" and ICP-driven webhooks) to drive outbound actions, so untrusted third-party content can materially influence agent behavior.