building-identity-federation-with-saml-azure-ad

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime scripts (scripts/agent.py and scripts/process.py) fetch and parse live federation metadata from public endpoints such as https://login.microsoftonline.com/{tenant}/federationmetadata/2007-06/federationmetadata.xml and other metadata URLs, and then use that parsed, third-party content to validate configuration and drive findings/actions, exposing the agent to untrusted external data that can materially influence decisions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes administrative PowerShell commands (installing AD FS, configuring an AD FS farm, modifying certificates and relying-party trusts, and changing domain federation settings) that require elevated privileges and change system state, so it directs modifications to the host environment.