context-building

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly offers to "run an Extruct search for competitors to auto-populate" the Do Not Contact list (claude-code-gtm/context/{company}_context.md), which is a clear instruction to fetch/scrape public third‑party web content and then consume those results to update context that other GTM skills use, creating a plausible vector for indirect prompt injection.