domain-assessment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly directs subagents to discover and ingest public third‑party data (e.g., passive DNS sources like VirusTotal, Shodan, Censys, certificate transparency logs and search engine dorking in Phase 1 and the “comprehensive assessment” prompts), and those findings are used to drive subsequent scanning actions.