calendar-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly requires fetching and interpreting open/public third‑party content—e.g., "Search '{company name}' + '{pain keyword}' site:linkedin.com OR site:techcrunch.com" and "check the prospect's recent LinkedIn activity (posts, comments, likes)" in Phase 2 and the Prospect Research Guide—which the agent uses to build intel briefs and drive outreach actions, exposing it to untrusted user-generated content that could carry indirect instructions.