qe-pentest-validation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly runs DAST/validation against an external target_url (e.g., "https://staging.app.com") in Phase 1/Phase 3 and uses payload-driven tests including Playwright browser JS execution for DOM XSS and SSRF tests (see "Phase 3: Validation" and the XSS/SSRF pipelines), meaning the agent fetches and interprets untrusted third‑party web content as part of its decision-making workflow.