penetration-tester

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 1 Reconnaissance (OSINT) explicitly instructs gathering and interpreting public/untrusted sources (e.g., Shodan, Censys, crt.sh, LinkedIn, GitHub, Pastebin, Wayback Machine) as part of the required workflow to build an attack-surface and guide subsequent testing, which exposes the agent to untrusted third-party content that could indirectly inject instructions.