traceroute

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md "Path Tracing" and "Standalone (Direct Commands)" steps explicitly instruct running traceroute/mtr against arbitrary hosts (e.g., "bash scripts/traceroute/trace-network-path.sh -j -x" and "traceroute "), causing the agent to ingest and interpret untrusted third-party network/hop outputs (JSON/hostname data) as part of its workflow even though targets are noted to be validated via .pentest/scope.json.