recon-full

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow clearly requires fetching and interpreting live data from target domains/IPs (Phase 3 "存活检测" using httpx and Phase 4/5 "指纹识别"/"POC 扫描" using nuclei) — i.e., untrusted public web/service content that can directly influence fingerprinting and subsequent attack choices, enabling indirect prompt-injection risk.