performing-endpoint-vulnerability-remediation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts/process.py explicitly fetches and ingests public third‑party data (fetch_cisa_kev() loads the CISA KEV JSON from https://www.cisa.gov/... and fetch_epss_scores() queries the FIRST EPSS API), and those external values are used in prioritization logic that directly determines remediation priority/SLA and downstream actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit privileged system-modifying instructions (PowerShell commands to install updates, change services, and edit HKLM registry keys) that direct the agent to alter the machine's state and require administrative/sudo privileges.