security-testing-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and reference files instruct the agent to fetch and analyze public third‑party content (e.g., references/penetration-testing.md shows OSINT commands like curl to crt.sh and web.archive.org and mentions LinkedIn/Pastebin/GitHub, and references/api-security.md and references/dast.md include fetch/ZAP scans against arbitrary target URLs), so untrusted user-generated web content is ingested and used to drive reconnaissance and testing actions that could influence subsequent tool use.