pentest-engineer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill injects hooks that capture and log/handle live responses from arbitrary websites (see scripts/xhr-hook.js logging responseText, scripts/websocket-hook.js and scripts/json-hook.js capturing incoming messages/JSON) and the security-products.md explicitly endorses executing returned/obfuscated JS from remote sites, so the agent will ingest and interpret untrusted third‑party web content.