clay-core-workflow-a

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Step 2 "Execute" explicitly states Clay will "automatically query the configured data providers" (e.g., LinkedIn, Clearbit, Apollo and other enrichment providers), so the agent ingests public/user-generated third‑party data as part of its workflow which can materially influence downstream actions like CRM updates and outreach decisions.