WebAssessment

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The skill contains an explicit, mandatory pre-action curl notification that forces an out-of-scope network call (potential telemetry/exfiltration) before any assessment, which is a deceptive/behavior-changing instruction outside the skill's stated web-assessment purpose.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests untrusted public content (e.g., GitHub bounty data via BugBountyTool/README.md referencing arkadiyt/bounty-targets-data, public OSINT and social-media feeds and APIs in OsintTools/API-TOOLS-GUIDE.md and OsintTools/README.md such as Shodan/Dehashed/Sherlock/Osintgram/Tinfoleak, plus Recon tool commands in SKILL.md) and then instructs the agent/LLM to read and analyze those findings (e.g., VulnerabilityAnalysisGemini3.md consolidates scan outputs for Gemini to analyze), so third-party content can materially influence subsequent analysis and actions.