netwhiz

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly runs network queries against public, untrusted endpoints (e.g., netwhiz ping/trace to arbitrary hosts, netwhiz dns benchmark comparing public DNS providers, netwhiz speed via Cloudflare, and wifi scans) and instructs the agent to read and act on those runtime outputs (summarize status, run further diagnostics, or change DNS/VPN), so third-party responses could influence subsequent tool use.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs the agent to run commands that modify system network configuration and state (e.g., netwhiz dns set, netwhiz dns flush, VPN connect/disconnect, ARP scan), which can change system-wide settings and typically require elevated privileges, so it can compromise the host.