cold-email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required Phase 1 explicitly says to obtain a "Hook — Something recent and specific about the recipient (auto-research if not provided)" (SKILL.md) and the references (references/guide.md) repeatedly cite public social posts (LinkedIn, FB, etc.), indicating the agent will fetch and interpret untrusted, user-generated web content to craft emails.