writing-linkedin-posts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly scrapes and ingests a user's public, user-generated LinkedIn posts via the Apify API (see scripts/scrape_my_posts.py and SKILL.md which call api.apify.com to fetch LinkedIn profile posts) and then analyzes them for voice, so it consumes untrusted third‑party content that could contain indirect prompt injections.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime scraper posts to the Apify actor endpoint (https://api.apify.com/v2/acts/apimaestro~linkedin-profile-posts/run-sync-get-dataset-items?token=...) to fetch a user's LinkedIn posts which are then injected into the agent's analysis and used to directly shape generated prompts/output, making this a required runtime dependency that controls the agent's behavior.