email-audit
Warn
Audited by Snyk on Mar 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflow and checks explicitly fetch and parse untrusted public content—e.g., DNS TXT/MX/PTR lookups via "dig txt +short", "dig mx +short", and HTTP fetches like "curl https://mta-sts./.well-known/mta-sts.txt" as part of the required audit agents—so third-party domain-controlled data is ingested and directly drives scoring and remediation decisions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata