funding-signal-outreach

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to perform web searches and scrape public sources (Step 1: "Web search" queries to find funding announcements and extract source_url; Step 3: "Web search: site:linkedin.com/in ..." to find contacts), so it ingests untrusted, user-generated/public third-party content that directly drives qualification, prioritization, and outreach actions.