penetration-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill issues HTTP requests to arbitrary target URLs and parses response.text (see test_sql_injection, test_xss, test_security_headers, test_directory_traversal which call requests.get and inspect responses, and the Burp automation which fetches scan issues), thereby ingesting untrusted public web content that could carry indirect prompt-injection payloads.