pentest-whitebox-code-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes sourcemap_extract(url, ...) in references/tools.md which fetches JavaScript/source-map content from arbitrary URLs and the workflow ingests and analyzes that externally-hosted source as part of the taint-analysis pipeline, exposing the agent to untrusted public content that could carry indirect prompt injection.