cold-outreach-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to gather and interpret public, untrusted third‑party content (e.g., "Their own content: Blog, podcast appearances, LinkedIn posts, Twitter/X"; "Third-party signals: Crunchbase, G2, BuiltWith, job boards") as part of building a research dossier and producing the "Research Summary," which exposes the agent to user-generated/open-web content that could carry indirect prompt injections.