hr-network-analyst

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs fetching and scraping public third-party sources — e.g., "Identify sources: arXiv, NeurIPS workshops, Twitter clusters" in SKILL.md Quick Start and extensive fetching/scraping and API examples for Semantic Scholar, arXiv, GitHub, Twitter/X, Reddit, LinkedIn (Proxycurl/Phantombuster) and conference websites in references/data-sources-implementation.md and references/data-sources.md — and these untrusted, user-generated pages are parsed and fused into the network analysis pipeline and used to drive decisions, so they could enable indirect prompt injection.