subfinder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly states that subfinder "queries certificate transparency logs, DNS datasets, search engines, and other OSINT sources" (e.g., crt.sh, Wayback Machine, Shodan, Censys) and the examples/instructions require the agent to ingest those public, untrusted third‑party results to drive enumeration, prioritization, and follow-on scanning, so external content can materially influence tool use and decisions.