pentest-web-application-logic-mapper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires ingesting spider/crawl data (discovered URLs and forms) and other third-party docs as core inputs (see "Inputs: Spider/Crawl Data" in SKILL.md) which the agent is expected to read and act on to map state machines and drive follow-up actions like forced browsing and hidden-surface discovery, exposing it to untrusted web content that could carry indirect prompt-injection instructions.