intercepting-mobile-traffic-with-burpsuite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and analyzes arbitrary proxy captures from third-party servers (see SKILL.md: "Burp Suite > Proxy > HTTP History" and the scripts that load HAR/Burp XML exports—scripts/agent.py load_har_file and scripts/process.py parse_burp_xml), so the agent reads untrusted external HTTP responses as part of its workflow which can materially influence analysis and findings.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill contains explicit, actionable instructions to modify system trust stores and system files (e.g., adb push to /system/etc/security/cacerts and chmod), use Magisk/Frida to bypass SSL pinning, and change iptables on rooted devices — all of which alter machine/device state and bypass security controls.