connections-optimizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires browsing/ingesting user-generated social media and profile data — e.g., "browser control for LinkedIn analysis and drafting" and fallback "browser control for X" plus workflow step "Pull the current following / connection inventory" and use of lead-intelligence/Exa research — which means the agent will read untrusted third‑party content that can change pruning, scoring, and outreach decisions.