lead-research-assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (Phase A/B in SKILL.md and the references/browser-scraping-guide.md) explicitly instructs the agent to run WebSearch/WebFetch against public third‑party sources (Google result snippets, site:linkedin.com, company websites, news sites, Crunchbase, job boards) and to parse that untrusted user-generated/public content to score leads and drive follow-up actions, which meets the criteria for indirect prompt injection risk.