Red Team Tools and Methodology

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses open web content—e.g., waybackurls/gau historical URLs, amass passive and subfinder results, and curl queries to public sites like bgp.he.net—which the workflow then reads/grep/scans for XSS and other findings, exposing the agent to untrusted, user-generated third-party content.