techstack-identification

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill suite explicitly fetches and ingests public, untrusted web content—e.g., WebFetch queries for OpenAPI specs in api_portal_discovery, crt.sh queries in certificate_transparency, public GitHub/GitLab scans in code_repository_intel, and HTML/page fetches in html_content_analysis—that the agents parse and use to drive inferences and decisions, enabling indirect prompt-injection from third-party content.