kol-engager-icp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly scrapes public LinkedIn content (KOL posts and their reactors/comments) using Apify actors (see SKILL.md Steps 1 & 3 and the script functions scrape_kol_posts / scrape_engagers which call harvestapi/linkedin-profile-posts and harvestapi/linkedin-company-posts), and the scraped user-generated post/comment content is parsed and used to select posts, score/filter engagers, drive enrichment, and determine ICP classification—so untrusted third-party content directly influences agent decisions.