domain-puppy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly calls external public sources (mcp__domain_puppy__check and mcp__domain_puppy__premium_check that POST to the Cloudflare worker and RDAP/WHOIS endpoints) and can scrape registrar pages with Playwright (Step 9 in SKILL.md and the mcp handlers), and those remote, public website/API responses are read and used to drive decisions and follow-up actions — which exposes the agent to untrusted third‑party content.