subdomain-deep

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests open web content (Phase 2: "通过 http_request 或 curl 查询 FOFA API" in SKILL.md and Phase 3: "用 katana 爬取...从页面内容中提取更多子域引用", plus curl-based HTTP response comparison in references/enumeration-tools.md), and those untrusted third‑party pages/API results are parsed and used to drive enumeration and follow-up actions, which could enable indirect prompt injection.