lead-enrichment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly ingests and interprets open/public third‑party content—e.g., LinkedIn profiles, G2/Bombora intent signals, BuiltWith website scans and public job postings via providers like Apollo/ZoomInfo/Clay—which are user-generated or public web data used directly in scoring and AI personalization, exposing the agent to untrusted external content.