hubspot-leadgenius

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests lead data from the public LeadGenius API (e.g., requests.get("https://api.leadgenius.app/api/automation/leads") in scripts/lg_api_to_hs.py and scripts/lg_full_to_hs.py), parses untrusted/user-generated fields (aiColdEmail, ai1, aiScoreRecommendation, capture_all, etc.) as part of its core workflow, and then uses those parsed values to drive batch upserts and schema decisions in HubSpot — enabling third-party content to materially influence downstream actions.