extruct-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill’s workflow (SKILL.md and references/column-guide.md & references/*.md) instructs the agent to run the bundled Extruct CLI commands like companies search, deep-search results, and research_pro/linkedin agent columns, which ingest public third-party content (company websites, news articles, LinkedIn pages, etc.) returned by Extruct and then read/act on those results to drive follow-up actions—exposing the agent to untrusted external content.