people-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The workflow explicitly instructs adding a "linkedin" agent column that uses profile_url ("agent_type": "linkedin", prompt: "{profile_url}") to fetch and parse public LinkedIn profiles (user-generated content) as part of the skill (Step 6 and the API reference), so untrusted third-party content is read and can influence subsequent actions.