pentest-validation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill requires and uses a user-supplied target_url for Tier 2–3 validation (see SKILL.md configuration and the Validation Pipelines / eval test cases) where it sends payloads and reads/analyzes HTTP responses from staging or arbitrary URLs to determine exploitation status, meaning untrusted third‑party content can directly influence tool actions and classification.