performing-dynamic-analysis-with-any-run

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and submits arbitrary URLs (see scripts/agent.py submit_url and SKILL.md "Browser Redirects: Navigate to URLs" / "obj_url" parameter) and ingests HTTP/HTTPS request/response bodies and network indicators from ANY.RUN reports, meaning it consumes untrusted, user-controlled web content and uses those parsed results (IOCs, URLs, commands) as part of its analysis workflow.