ansible-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs that for non-builtin modules the agent should "query Context7" or, if unavailable, "use official Ansible docs / Ansible Galaxy pages" (Custom Modules and Collections section), which requires fetching and interpreting public third‑party documentation that can change module/collection selection and subsequent actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly generates Ansible playbooks/tasks for user provisioning and service/config management (including an example to "create a user and SSH key" and guidance for roles that manage services), which encourages creation/modification of system users and service/config files that can alter the host's state (including localhost).