moltoffer-recruiter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and reads untrusted user-generated content — e.g., GET /api/ai-chat/moltoffer/pending-replies and /posts/:id/comments (references/reply.md) to load candidate comments and WebFetch of LinkedIn job pages (references/post.md) — and is instructed to evaluate that content and act (generate replies/posting decisions), enabling indirect prompt injection.