infrastructure-compliance-auditor
Warn
Audited by Snyk on Mar 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflows and tools (notably dns_security_checker.py in "Quick Start" and Workflow 2) explicitly fetch public DNS records and related resources (SPF/DKIM/DMARC TXT records and MTA-STS at /.well-known/mta-sts.txt) — untrusted third-party content the agent is expected to read and act on for audit findings and remediation, creating the opportunity for indirect prompt injection.