ethical-redteam-bugbounty

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md and docs/WORKFLOW.md) explicitly runs OSINT tools that fetch public third‑party content—e.g., crt.sh and subfinder for certificates/subdomains, Sherlock and Blackbird for social/media/profile URLs—and then ingests those recon outputs (recon_output/*.json) into analyzer.py and reporter.py, so untrusted user-generated web content is read and used to drive subsequent analysis and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs cloning and running remote code (git clone https://github.com/p1ngul1n0/blackbird.git followed by python blackbird.py) as part of normal runtime OSINT workflows, so this external repository is fetched and executed and is therefore a high-confidence runtime dependency that can execute remote code.