fuzz

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md instructs the agent to run web discovery and scanning tools (gobuster, ffuf, nikto) against an arbitrary target URL ($ARGUMENTS) and to "review the results" and "adapt subsequent steps based on findings," which means it fetches and interprets untrusted public web content from the target host (web pages/responses) that can influence subsequent actions.