implementing-tls

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill includes scripts and commands that connect to arbitrary external hosts and ingest their TLS data. For example, scripts/test-tls.sh, scripts/check-tls-expiry.sh, and scripts/check-cert-expiry.sh call "openssl s_client -connect $DOMAIN" and parse certificate fields, and the certbot/cert-manager examples interact with Let's Encrypt ACME endpoints. As a result, the agent would read and interpret untrusted third-party content from public servers.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill contains multiple explicit privileged operations: sudo apt/certbot, writing/reading /etc/letsencrypt and /etc/ssl, adding CAs to the system trust store, and installing system-level services and Kubernetes cert-manager. These instructions change system-wide files and require elevated privileges, so the skill pushes the agent to perform state-changing, privileged actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 10:40 PM