performing-container-image-hardening

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The scripts/agent.py clearly fetches arbitrary user-specified targets (requests.get(f"{target}") and requests.get(f"{target}/api/v1/results")) and parses untrusted JSON into findings that directly influence the reported findings and computed risk_level, so third‑party content can materially change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The audit agent (scripts/agent.py) issues runtime GET requests to the user-supplied target (requests.get(f"{target}") and requests.get(f"{target}/api/v1/results")) and directly parses and injects the returned JSON into its findings/report, so external content at those URLs can control the agent's output.