You can easily click a link e.g. to a blog post on Chrome inside your profile.

E.g. a Jira ticket links to a post on how to do something concurrency related in Python.

I get your point thought that maybe this is no worse than if they visit the site on the personal side.

However I wouldn't trust out lack of imagination on how to exploit this to be happy about the security gap!