network-scan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md Step 2 and Step 3) and the subagent instructions (scripts/resolve-careers.md and scripts/evaluate-company.md) explicitly use WebSearch and browser automation to fetch and read public company careers pages and ATS-hosted job postings (third‑party websites), and then parse and act on that content to score roles and drive subsequent actions, exposing the agent to untrusted third‑party content that could inject instructions indirectly.