vigolium-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill ingests and crawls public third‑party content (e.g., external-harvest from Wayback Machine, Common Crawl, AlienVault OTX, spidering, and --source-url git clones) and the agent pipeline/autopilot workflows explicitly state the agent "analyzes discovery results" (Phase 2: Plan and Phase 4: Triage) to produce AttackPlan/Triage decisions, so untrusted web or repo content can directly influence agent actions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill documents runtime cloning/usage of git repositories (e.g., https://github.com/org/repo via --source-url or --git) which the CLI fetches during execution and are consumed as source/agent context for whitebox/SAST and agent pipelines, meaning remote repo content can directly influence agent prompts/behavior (and may include executable extensions), so this is a runtime external dependency that controls prompts/executes code.