ai-sdr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to ingest and act on open/public third-party content — e.g., recent LinkedIn posts and activity, company news via Google Alerts/Mention, Claygent custom web scraping, BuiltWith/Wappalyzer signals, and other public enrichment sources — for personalization and signal detection, so the agent will read and interpret untrusted/user-generated content as part of its workflow.