lead-qualification

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md (Phase 2 Step 1.5 and Step 3) and the included scripts/enrich_leads.py explicitly fetch and ingest public, user-generated LinkedIn profiles via an Apify scraper and also perform web searches/fetches of company/profile pages, which the agent is expected to read and use to make qualification decisions—exposing it to untrusted third-party content that could carry indirect prompt injections.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The included script (scripts/enrich_leads.py) calls the Apify API at runtime (https://api.apify.com) to start the supreme_coder~linkedin-profile-scraper actor, which executes remote code on Apify and the skill relies on that actor for required LinkedIn enrichment — meeting the criteria for a runtime external dependency that executes remote code.