XSS Payload Injection in Tool Response Output - ATR-2026-00270 (6c4c86a5-c9dc-54ab-8601-e7db40f56d69)
Detects cross-site scripting (XSS) payloads embedded in tool responses or skill output that get rendered in a web-based agent UI, chat interface, or agent dashboard. When an agent passes tool output directly to a frontend without sanitization, injected script tags, event handlers, or javascript: URIs execute in the user's browser. From NVIDIA garak xss probe family (distinct from ATR-2026-00261 markdown image exfil — this covers script execution, not just passive URL fetching).