pentest-toolkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill runs scripts that fetch and ingest content from arbitrary public targets (e.g., discover_structure.py, enumerate_endpoints.py, test_xss.py invoked as "uv run python scripts/... <TARGET_URL>" and analyze_responses.py which consumes HTTP response files), meaning the agent will read and interpret untrusted third-party web content and responses.