crm-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests untrusted, user-generated CRM data via API calls and webhook POSTs (see "Webhook Handlers" in SKILL.md and the Close API activity endpoints /timeline and search patterns in reference/close-deep-dive.md), and those payloads are parsed and used to route handlers and drive CRUD/sync actions, so third-party content can materially influence behavior.