ai-cold-outreach

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs ingesting and using open/public third‑party signals (e.g., G2 and Bombora buyer intent, LinkedIn/Indeed job posts, social posts/articles, Clay's HTTP action to connect arbitrary APIs and 150+ data sources) as enriched lead data that the agent is expected to read and use for AI personalization, which exposes it to untrusted user-generated web content.