implementing-pod-security-admission-controller

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The included script scripts/agent.py performs HTTP GETs to a user-specified --target (e.g., requests.get("{target}/api/v1/status" and "/api/v1/compliance")), parsing untrusted/third‑party JSON into findings that directly determine the generated report and risk_level, so external content can influence the agent's workflow and decisions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt instructs modifying cluster control-plane files under /etc/kubernetes (adding /etc/kubernetes/psa-config.yaml and editing kube-apiserver manifests), which are system files requiring root/sudo and thus alter the machine's privileged state.