list-building

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to ingest and act on open/public third‑party content — e.g., .claude/skills/find-contacts/SKILL.md and resources/lead-sources-guide.md (and related SKILL.md sections) direct scraping/exporting from LinkedIn, Google Maps, RSS feeds, social media, Apify/PhantomBuster/ Evaboot exports and other public sites and to use those signals to score, segment, and drive next actions — meeting all criteria for untrusted, user-generated content that can influence tool use and decisions.