intent-signal-aggregator-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs the agent to aggregate and act on signals "across the web" (e.g., LinkedIn Jobs, TechCrunch) — clearly fetching and interpreting public, untrusted third-party content (job postings, news, social listings) that can change downstream actions like outreach recommendations.