pain-language-engagers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2 pipeline explicitly scrapes public, user-generated LinkedIn content (posts, company pages, and profiles) using Apify actors (harvestapi/linkedin-post-search, harvestapi/linkedin-company-posts, supreme_coder/linkedin-profile-scraper) and then reads and acts on that content to classify and select leads, which meets the criteria for exposure to untrusted third-party content from LinkedIn.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly requires and invokes external Apify actors at runtime (e.g., harvestapi/linkedin-post-search, harvestapi/linkedin-company-posts, and supreme_coder/linkedin-profile-scraper), which are external services that execute remote code and are listed as required dependencies for the pipeline.