intercepting-mobile-traffic-with-burpsuite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests untrusted network captures (exported HAR/Burp XML) containing arbitrary third-party request/response bodies—see scripts/agent.py (load_har_file) and scripts/process.py (parse_burp_xml) and SKILL.md instructions to export HTTP History—which the agent reads and uses to drive analysis and follow-up actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill contains explicit, actionable instructions to modify system trust stores and system files (e.g., adb push to /system/etc/security/cacerts and chmod), use Magisk/Frida to bypass SSL pinning, and change iptables on rooted devices — all of which alter machine/device state and bypass security controls.