monitoring-darkweb-sources

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests untrusted public content from third-party sources — e.g., Have I Been Pwned, Dehashed, api.ransomware.live, and paste site APIs (see scripts/agent.py functions check_breach_exposure, search_paste_sites, check_credential_exposure, monitor_ransomware_leak_sites and SKILL.md curl examples) — and uses that data to drive investigation decisions and follow-up actions (password resets, IR escalation), so external content can materially influence agent behavior.