cors-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's validator explicitly fetches and analyzes live, arbitrary URLs (see scripts/validate_cors.py test_endpoint and the SKILL.md / references/script_reference.md instructions for "validate --url" and "--url-file"), meaning untrusted public web endpoints and their responses are ingested and used to drive findings and next-action recommendations.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly directs inspecting and changing server configuration files (nginx.conf, Caddyfile and backend middleware) and advises header-stripping fixes, which are system-level modifications that typically require elevated privileges and can change machine state.