testing-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs running scanners against arbitrary public targets (e.g., Nuclei "nuclei -t templates/ -u https://target.com" and TruffleHog "trufflehog git https://github.com/repo"), which fetch and ingest untrusted, user-generated web/repo content as part of the workflow and whose results are parsed/used to drive subsequent actions; thus it exposes the agent to third-party content that could contain indirect prompt injection.