sentinel-ai-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Strike red-team platform and example command ("sentinel strike --target https://api.example.com") plus descriptions like "AI-powered reconnaissance" and "multi-provider testing", together with references to public sources (GitHub and a HuggingFace dataset), show it will fetch and analyze arbitrary external URLs/targets, meaning the agent consumes untrusted third‑party web content as part of its workflow and could be exposed to indirect prompt injection.