ffuf-fuzz

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This SKILL.md explicitly instructs running ffuf against arbitrary target URLs (e.g., "ffuf -u URL/FUZZ -w ...") and to observe and act on live HTTP responses (e.g., "先不加过滤跑一次，观察默认响应大小，然后用 -fs 过滤掉"), which means the workflow fetches and interprets untrusted public web content that can influence subsequent tool actions.