configuring-zscaler-private-access-for-ztna

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that embed secrets directly (a provisioning key passed on the zpa-connector CLI and an HEC token for log streaming), which instructs the agent to place secret values verbatim into commands/configs and thus creates an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The SKILL.md includes installation commands that fetch and install packages from https://yum.private.zscaler.com/yum/el7/zpa-connector-latest.rpm and https://dist.private.zscaler.com/apt (including curl ... | sudo apt-key add https://dist.private.zscaler.com/apt/pubkey.gpg), which download and execute remote code as a required dependency for the deployment.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running sudo package installs, writing to /etc/apt/sources.list.d, configuring /opt services, and using systemctl to enable/start services—actions that modify system files and require elevated privileges, so it directs the agent to change the host state.