xss-detection

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs the agent to fetch and analyze arbitrary web pages and application responses (e.g., "dalfox url 'https://site.com/search?q=test'", "Spider the running application to discover all forms and URL parameters", and "Search the response body for: test12345xss"), which are untrusted, user-controlled third‑party web content that the agent must read and act on.