inbound-lead-qualifier

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "Research company deeper" and "Identify decision maker on LinkedIn" and includes fields for public LinkedIn and company website URLs, so the agent is expected to read/interprete untrusted, user-provided third-party web content (LinkedIn/company pages) as part of its workflow.