spray-dir-brute

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly documents crawling and live-target operations (e.g., "-u http://target --crawl", "--smart", "--finger" and "-l urls.txt"), which causes the tool to fetch and parse arbitrary public/third‑party web pages whose untrusted, user-generated content is then used to drive path discovery, filtering, and fingerprinting decisions.