recon

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and interprets data from arbitrary network targets (e.g., "dig $ARGUMENTS ...", "curl ... https://$ARGUMENTS", and gobuster/dns enumeration) as described in SKILL.md, and instructs the agent to review those third-party DNS/HTTP/scan outputs and "adapt subsequent steps" based on findings, which meets the criteria for consuming untrusted public content that could influence actions.