Because link-e-entries pull data from external (or internal) sources, you must implement token-based authentication. Do not allow http:// links to external domains without a validation whitelist.