linkedin-outreach

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and uses untrusted, user-generated public content (e.g., LinkedIn comments/job postings) — see Phase 3 Merge Variables ({comment_snippet}, {post_topic}, {job_posting_url}) and templates like templates/sequence-templates/pain-language.md and database_search.md which instruct using LinkedIn comments and external page signals directly in generated messages — meaning third-party content is read/interpreted and directly influences message generation.