analyzing-cobalt-strike-malleable-profiles

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's agent invokes the external JARM scanner against arbitrary hosts (see scripts/agent.py compute_jarm_fingerprint and the SKILL.md/JARM examples) and ingests/parses the remote TLS fingerprint outputs to make match/response decisions, so it consumes untrusted third-party network responses that can materially influence actions.