cold-outreach-sequence

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs running web_search calls (e.g., web_search('[Company] [Founder/Name] news 2026') and web_search('[Person name] [Company] LinkedIn')) and requires citing "Source: [URL or platform]" and using news/LinkedIn/post signals to craft messages, so it ingests untrusted public third‑party content that can influence agent behavior.