security-scan-dependencies

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md requires collecting a user-provided target URL via the AskUserQuestion tool (Phase 1) and instructs the ai-security:security-dependency-scanner subagent to fetch and parse that external website's HTML and HTTP headers using WebFetch or curl, so it ingests arbitrary public web content that could contain injected instructions.