job-posting-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to locate and fetch public careers/job pages (see "find_careers_page" and rate limits for "careers page" and "job posting pages") and to parse those job postings in "extract_tech_requirements", so untrusted public third‑party content from arbitrary career/job pages is read and used to drive inferences and actions.