prospect-research-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly scrapes and looks up data from public third-party sources—e.g., scrape_linkedin_profile/linkedin activity, source_manager.register_source with "news_api", scrape_job_postings, lookup_crunchbase, and search_sec_filings—and then reads and classifies that fetched text (e.g., classify_event(event) using event.text) to generate triggers and recommended actions, so untrusted user-generated/public content can directly influence agent decisions.