domain-intel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill (SKILL.md and scripts/domain_intel.py) fetches and parses public third‑party data — e.g., crt.sh for subdomains, WHOIS servers listed in WHOIS_SERVERS, and Google DoH for DNS — and uses those untrusted responses to produce parsed outputs and availability/verification verdicts, so external user-generated or public web content can materially influence its decisions and behavior.