exploiting-type-juggling-vulnerabilities

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md contains curl examples against arbitrary targets and scripts/agent.py makes requests to a user-supplied --url and interprets the HTTP responses to produce findings/severity, meaning the agent fetches and acts on untrusted third-party web content (responses) that can materially influence its decisions.