agentic-soc-platform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The playbook (playbooks/threat_intel_enrichment.py) explicitly queries public third‑party services (VirusTotal, AbuseIPDB, Shodan, urlscan) and the platform ingests alerts from external SIEM/webhooks (webhook_receiver.py) which are treated as untrusted input and are used to compute reputation, tags, and drive AI analysis/response (agents in agents/langgraph_agent.py and agents/dify_agent.py), so third‑party content can directly influence decisions and actions.