testing-for-broken-access-control

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md workflow and scripts/agent.py explicitly fetch and ingest arbitrary target HTTP responses (e.g., curl/ffuf examples in SKILL.md and the script's test_horizontal_escalation, test_unauthenticated_access, and test_mass_assignment functions) and then interpret response bodies to mark findings and drive subsequent actions/reporting, so untrusted/user-generated content from target endpoints can materially influence the agent's decisions.