collecting-indicators-of-compromise

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The agent's runtime script (scripts/agent.py) and the API reference explicitly call public third-party services (VirusTotal, MalwareBazaar, AbuseIPDB) and parse their responses to enrich IOCs and set confidence scores that drive STIX exports and blocking/prioritization decisions, so untrusted external content can materially influence behavior.