company-intelligence

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and scrape public web content using tools like Perplexity and Apify and to ingest untrusted/user-generated sources such as Glassdoor, LinkedIn, news sites, and Crunchbase as part of its company-research workflow, exposing it to indirect prompt injection risk.