sales-snov

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md and the API reference) explicitly ingests public third-party content—e.g., LinkedIn profile enrichment by URL, domain searches and Chrome extension scraping of company websites/LinkedIn profiles—to extract prospect emails and profile data which the agent is expected to read and use to drive campaign actions and API-driven behavior, creating a clear vector for indirect prompt injection.