vulnerability-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests open/public feeds — e.g., EpssClient calls https://api.first.org/data/v1/epss and KevClient downloads CISA's KEV JSON from https://www.cisa.gov/... — and those fields (EPSS scores, KEV entries including RequiredAction/notes and the InKev flag) are consumed in the SKILL.md workflows to compute prioritization and SLA overrides, so third‑party content can materially influence decisions.