job-apply

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and analyzes external job postings and performs LinkedIn/web searches (see "Fetch and analyze job posting (via WebFetch/WebSearch)" and "Find hiring manager via LinkedIn/web search" in SKILL.md), meaning the agent will read untrusted public third-party content that can materially influence its actions like drafting responses and creating/sending emails.