sales-openwebninja

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow (SKILL.md Step 3 and the API reference) explicitly instructs the agent to fetch and parse live public web content—e.g., Website Contacts Scraper (domain scraping), Email Search (public web email discovery), Real-Time Web Search (Google SERP scraping), Local Business Data (Google Maps), and Web Unblocker (raw HTML from arbitrary sites)—so the agent ingests untrusted third‑party/user‑generated content that can materially influence subsequent actions.