mapping-webapp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's main pipeline (scripts/featuremap.py Phase 3) uses webctl to navigate and crawl the provided --app-url (see scripts/discover.py run_webctl/discover_pages and scripts/capture.py capture_page), extracts accessibility snapshot text and links (discover.extract_links_from_snapshot), and sends screenshots + a11y trees to the Claude vision prompt (scripts/describe.py) — clearly ingesting and interpreting arbitrary external web pages which can influence crawling, gating decisions, and generated actions/descriptions.