probe

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the skill's SCAN workflow (SKILL.md "PLAN → SCAN → VALIDATE → REPORT") and explicit tooling examples in references/zap-scanning-guide.md (zap.urlopen, spider/ascan) and references/nuclei-templates.md ({{BaseURL}}/… and nuclei -u) require fetching and parsing arbitrary target URLs/public web content (user-provided or public sites), which the agent must interpret to decide validations, findings, escalations, and next actions.