ctf-osint

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly instructs fetching and interpreting content from open public sources — e.g., BlueSky/Twitter/X via public APIs and Wayback CDX, Tumblr avatars, Google Maps/Street View and user-submitted Google Photos, Strava/Discord/Telegram APIs, GitHub/issue comments, Shodan and web archives (see SKILL.md and social-media.md/web-and-dns.md) — which are untrusted, user-generated third‑party contents that the agent is expected to read and act on, allowing those pages/posts to materially influence subsequent actions.