recon-subdomain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs tools to ingest public third‑party data (e.g., subfinder sources listing search engines/crt.sh/censys and the crt.sh curl example in "Scenario 8: Certificate Transparency Log Search") and then parse and act on those results (piping into dnsx/httpx and subsequent scans/storage), so untrusted web-origin content is read and directly drives subsequent tool actions.