pentest-agents-bug-bounty-framework

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests and searches public, user-generated writeups and reports (e.g., rag-builder ingesting repos from repos.yaml and the mcp-writeup-server) and calls bounty-platform APIs / "search_hacktivity" (HackerOne, Bugcrowd) whose results are read by agents during the autonomous hunt loop and used to choose techniques/payloads and actions, so untrusted third-party content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The install instructions explicitly clone and then run code from the remote repository https://github.com/H-mmer/pentest-agents-suite (git clone ... then running Python tools), which fetches and executes external code that the skill depends on at runtime.