linkedin-marketing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md "LinkedIn API Integration" and "Analytics" sections explicitly instruct the agent to call api.linkedin.com endpoints (e.g., /v2/userinfo, /v2/posts, /v2/organizationalEntityShareStatistics, /v2/socialMetadata) to fetch profile, post, and analytics data — i.e., user-generated, public LinkedIn content the agent is expected to read and act on (posting, replying, scheduling), which could allow indirect prompt-injection from untrusted third-party content.