hiring-signal-outreach

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 1 explicitly instructs the agent to search and extract job postings from public sites (LinkedIn Jobs, Indeed, Google Jobs, web search, Apollo) and Step 4 uses extracted job-description content to draft outreach, so untrusted third-party job-post content is ingested and can materially influence agent actions.