lead-enrichment

Warn

Audited by Snyk on Mar 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches public web and user-generated content (Apify Google Search top results, Apify LinkedIn scraper, and Apify company enrichment, called in SKILL.md Step 2 and implemented in scripts/enrich_lead.py's google_search/linkedin_scrape/company_enrichment), then feeds those results into an LLM synthesis that determines lead_score, recommendations, and optional CRM write-back. Untrusted third-party content is therefore read and can materially influence agent actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 6, 2026, 05:28 PM