recon

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Passive Recon workflow explicitly instructs fetching and parsing untrusted public web content (e.g., "curl -s 'https://crt.sh/?q=%25.$ARGUMENTS&output=json' | jq -r '.[].name_value'", search engine dorking, GitHub/GitLab searches, and Wayback Machine checks), which the agent is expected to read and use to drive follow-up actions.