cold-email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's personalization workflow explicitly instructs building AI prompts for external enrichment (e.g., the personalization SKILL.md example: "Find the most recent LinkedIn post by {{firstName}}... Summarize the post's main argument") and other guidance mentions scraping public site case studies (resources/frameworks/cold-email-mastery.md), meaning the agent is expected to fetch and interpret user-generated public content (LinkedIn/posts, website case studies) that could materially change messaging and actions.