openosint-ai-osint-framework

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows the AI agent (agent.investigate / "Agent automatically chains tools based on findings") calling tools like search_username, search_paste, search_shodan, search_virustotal and others that fetch public/user-generated data from social platforms, paste sites, Shodan/VirusTotal and web sources, so untrusted third‑party content is ingested and can influence the agent's subsequent tool choices and actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill includes explicit installation steps that invoke sudo (e.g., "sudo mv phoneinfoga /usr/local/bin/") and instruct moving binaries into system directories and changing permissions, which modify the host system state and require elevated privileges.