lead-research-assistant
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to search and ingest open/public third-party sources such as company websites, job postings, recent news, GitHub repos, and LinkedIn profiles when identifying and enriching leads, which are untrusted/user-generated sources the agent will read and interpret.
Audit Metadata