enterprise-account-planning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to search and record LinkedIn results ("LinkedIn Keyword Analysis") and pull signals from press/annual reports and LinkedIn in the Account Summary, which requires ingesting untrusted public/user-generated content that the skill uses to decide whether and how to pursue accounts and thus could enable indirect prompt injection.