implementing-bgp-security-with-rpki

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime agent (scripts/agent.py) and the API reference explicitly fetch and consume RPKI data from public third‑party APIs (e.g., stat.ripe.net and rpki.cloudflare.com), and those responses are parsed and used to drive validation, recommendations, and operational decisions, so untrusted external responses could materially influence agent behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes commands that write a systemd unit to /etc/systemd, uses sudo and systemctl to enable/start services, and instructs privileged installation steps—actions that modify system files and require elevated privileges.