configuring-pfsense-firewall-rules

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md workflow (Step 3 "Create Firewall Rule Aliases") explicitly configures a URL Table alias "BlockedCountries" pointing to https://www.ipdeny.com/... and the instructions also call out pfBlockerNG with public feeds (Spamhaus, Emerging Threats), which are open/public third‑party sources that pfSense will fetch and ingest and that materially affect firewall behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill configures an Alias of type "URL Table" that pfSense/pfBlockerNG will fetch at runtime from https://www.ipdeny.com/ipblocks/data/aggregated/cn-aggregated.zone, and that remote IP list directly controls firewall blocklist behavior (i.e., the agent's runtime policy), so it is an externally fetched resource that the skill relies on.