pentest-ai-llm-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflows and tool signatures explicitly ingest and test content from arbitrary external sources — e.g., "Embed malicious instructions in documents/emails/web pages the LLM processes" and functions like prompt_inject(target_url, ...) and prompt_fuzzer(target_url, ...) indicate the agent will fetch/interpret untrusted public URLs/RAG content.