reliability-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes runtime code that fetches and processes arbitrary external URLs (e.g., createHttpCheck in templates/health-check.ts uses fetch(url) and the circuit-breaker usage example calls fetch('https://api.example.com/data') and processes the response), so it can ingest untrusted public third‑party content as part of its workflow.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.30). The prompt includes destructive operational actions (Chaos Monkey terminating instances, kubectl rollout restart/scale) that modify system/cluster state, but it does not instruct privilege escalation, editing system files requiring sudo, or creating local user accounts, so the risk is present but limited.