cold-email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md's required "Gather Context" and "Personalization Sources" sections explicitly instruct using public/untrusted sources (LinkedIn profiles, company blogs, press/news, GitHub, job postings) to collect and interpret prospect information that directly shapes email content and follow-up actions, meaning the agent would ingest third-party user-generated content that can influence its decisions.