crm-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly ingests and acts on user-generated third‑party content — e.g., n8n nodes "Get HubSpot Contacts" and "Get Salesforce Contacts", the LinkedIn → HubSpot recipe (linkedin.get_profile), Calendly trigger (calendly.booking_created), Google Sheets sync, and the "Deduplicate with OpenAI" / "ai_scoring_model" prompts — and uses that data to score, deduplicate, route, and trigger follow‑on actions, so untrusted external content can materially influence decisions.