direct-mail

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md's Address Verification and workflow sections explicitly instruct the agent to consult third‑party public sources (e.g., "ZoomInfo / Apollo / LinkedIn" and the company's "Contact Us" page) and to interpret those external signals to decide whether and where to send mail, which means untrusted web/user‑generated content would be ingested and could influence actions.