abm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow instructs the agent to ingest external people and company data (e.g., "LinkedIn URL → Extract domain" in Step 1, plus required calls like enrich_company, find_person, enrich_person and "Key Signals: [Recent news, funding, hiring]") which clearly pulls untrusted, user-generated public web/social content and uses it to drive persona matching, playbook selection, outreach generation and next actions.