dast-nuclei

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs running "nuclei -update-templates" and otherwise using community templates (from ProjectDiscovery's nuclei-templates/public repo) so the agent will ingest and act on user-contributed, public YAML templates that can change scan behavior and downstream decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly pulls and relies on remote template and action repositories at runtime—e.g., "nuclei -update-templates" fetches templates from https://github.com/projectdiscovery/nuclei-templates which directly control scanning instructions, and the GitHub workflow uses projectdiscovery/nuclei-action@main which fetches and executes remote action code—so these external URLs can directly control execution.