write-exploit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes templates that fetch and parse arbitrary remote content—e.g., the "Web Exploitation (requests)" template uses a user-supplied TARGET (sys.argv[1]) and prints r.text, and the pwntools examples call remote('HOST', PORT) and io.recv*/io.recvline to read responses—so the agent is expected to ingest untrusted, user-provided third-party content.