list-segmentation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches enriched table data from the external Extruct API (GET /tables/{table_id}/data at https://api.extruct.ai/v1) and instructs the agent to read enrichment fields—including public news/statement “hook” signals—and use them to assign hypotheses/tiers and trigger downstream email-generation, meaning untrusted public third‑party content is ingested and can materially influence actions.