detecting-network-anomalies-with-zeek

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill (SKILL.md and scripts/agent.py) explicitly reads and parses Zeek-generated logs from /opt/zeek/logs/current (e.g., conn.log, dns.log, http.log, ssl.log), which contain arbitrary, untrusted network/third‑party content and those parsed values are used to drive detections and remediation recommendations, so third‑party content can materially influence agent decisions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes numerous explicit sudo commands and instructions to modify system and service configuration files (under /opt and /etc), change NIC settings, enable services, and deploy software—actions that alter system state and require privileged access.