email-finder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (see references/full-guide.md and SKILL.md) explicitly performs web scraping and fetching of public third‑party pages and social media profiles (e.g., scrapeDomainForEmails uses fetch to https://{domain}{page} and the Social Media Profile Scraping section names LinkedIn/GitHub/Twitter), so untrusted user-generated web content is ingested and can materially influence subsequent actions.