cve-watchlist-action-recommendation-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests external CVE scan results and exploit intelligence (e.g., npm audit / pip-audit / Snyk JSON files and exploit_data such as CISA KEV or ExploitDB) as required inputs and parses them in scripts/parse_scan_results.py and scripts/calculate_risk_score.py, so untrusted third‑party content can materially influence risk scoring and recommended actions.