static-residential-ip-assessor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's browser playbook and workflow explicitly instruct fetching and scraping public third‑party sites (e.g., ipinfo.io, ip-api.com, AbuseIPDB, Scamalytics, IPQS, BGP.he.net, RDAP/WHOIS in references/browser-playbook.md and source-checklist.md) and requires the agent to read and act on those external, sometimes user-generated signals (e.g., AbuseIPDB reports) to drive scoring and Allow/Review/Reject decisions, which enables indirect prompt injection risk.