inbound-lead-qualification

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and interpret public web content (e.g., "Sources: enrichment data, LinkedIn company page, web search" in Step 3 and "company website, product description, job postings, Crunchbase" in Step 5, plus "Web search" and "LinkedIn scraper" in Tools Required), and uses those untrusted third-party sources to drive scoring and routing decisions—allowing indirect prompt-injection from that content to influence actions.