linkedin-automator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflows and scripts (e.g., scripts/ideas.sh, scripts/engage.sh, and scripts/analytics.sh) instruct the agent to browse and extract user-generated content from public LinkedIn pages such as https://www.linkedin.com/feed/ and https://www.linkedin.com/news/, then read/interpret that content to generate posts, comments, and scheduling decisions, which could allow indirect prompt injection.