censys

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly queries the public Censys API (see SKILL.md functions like search_hosts, lookup_host, find_hosts_by_domain_cert using h.search and h.view) to ingest untrusted public internet content such as service banners, HTML titles, and TLS certificate fields, and then uses that content to drive discovery and follow-up actions.