alibaba-supplier-outreach

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches supplier listings via mcp__launchfast__supplier_research and navigates/reads supplier replies from Alibaba (using mcp__claude-in-chrome__navigate and mcp__claude-in-chrome__read_page on message.alibaba.com), and then uses those untrusted, user-generated messages to extract data and draft/send negotiation replies, so third-party content can directly influence agent actions.