portfolio-deal-linker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly calls HubSpot (hubspot_search_deals, hubspot_get_deal, hubspot_search_contacts, hubspot_get_company), Apollo (apollo_emailer_campaigns_search) and Gmail (gmail_search_messages) to ingest deal notes, activity timelines, sequence/enrollment data and email drafts—user-generated/untrusted third-party content—which the agent reads and uses to make attribution and update portfolio decisions, creating a pathway for indirect prompt injection.