list-building

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Discovery flow explicitly ingests public web content via the Extruct Discovery API (references/discovery-api.md: data_sources can include "web_search", "linkedin", "maps" and response "scores" include "sources": ["https://..."]), and SKILL.md requires running Discovery tasks and using those results/explanations to select and qualify companies, so untrusted third‑party content can influence agent decisions.