client-proposal-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 1 "Client Research" explicitly instructs the agent to use WebSearch and Bash to gather company overviews, recent news, job postings, GitHub repos, and LinkedIn/about pages from public websites, and to incorporate those findings into the proposal—i.e., the agent fetches and interprets untrusted third-party web content that can materially influence its outputs.