secret-scan-trufflehog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly runs TruffleHog against remote GitHub orgs/repos (trufflehog github --org=), S3 buckets, and arbitrary git/filesystem targets and then parses the JSON results, so the agent ingests and interprets untrusted, user-generated third‑party content.