hunter-io

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly calls Hunter.io API endpoints (e.g., domain-search, email-finder, email-verifier in functions like domain_search, get_all_emails, and find_email) which ingest publicly indexed, user-generated web content and return email addresses, detected patterns, and source URIs that the agent reads and uses to generate/verify emails, so untrusted third-party content can materially influence subsequent actions.