infrastructure-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's InfrastructureSecurityTester class issues HTTP requests to an arbitrary endpoint (e.g., InfrastructureSecurityTester.test_auth_bypass calling requests.get(endpoint, ...)), so it fetches and interprets responses from user-supplied / public URLs which can be untrusted third-party content.