apollo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches third-party contact/profile data via Apollo API endpoints (e.g., POST /api/v1/mixed_people/api_search and POST /api/v1/people/match which return people arrays, linkedin_url and emails) and the workflow uses those results to decide and perform actions (enrich contacts and add them to outreach sequences), so untrusted user-generated/public content is ingested and can materially influence agent behavior.