analyzing-command-and-control-communication

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow (Step 5 "Map C2 Infrastructure") and prerequisites explicitly show the agent calling public threat-intel APIs (e.g., Shodan and VirusTotal via requests.get) to ingest third‑party internet data for enrichment, which the skill then parses and uses to drive infrastructure mapping and signature generation—i.e., untrusted external content is read and can materially influence actions.