testing-for-sensitive-data-exposure

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime workflow (e.g., scripts/agent.py scan_javascript_files, check_config_files, and check_api_data_exposure and the SKILL.md curl examples) explicitly fetches and parses arbitrary third-party web content (target URLs and linked .js/config files) and uses that content to drive further fetches and assessment decisions, exposing the agent to untrusted user-controlled content that could influence its actions.