call-prep

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md Execution Flow (Step 2: Research Supplement) explicitly requires running web searches and fetching third-party pages (e.g., "[Company] news", funding announcements, leadership changes, and attendee LinkedIn profiles), which are untrusted public/user-generated sources that the agent will read and use to shape agendas and actions, creating an avenue for indirect prompt injection.