outbound-sequences

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Research Sources" section and assets/response-playbook.yaml explicitly instruct use of public, user-generated sources (LinkedIn posts/profiles, Twitter/X, job postings, Crunchbase/G2, press releases, podcasts), meaning the agent is expected to ingest and act on untrusted third-party content as part of its workflow.