performing-network-traffic-analysis-with-zeek

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests untrusted third‑party data: SKILL.md Step 4 configures Zeek's Intel framework to load external feeds (e.g., /opt/zeek/intel/malicious-*.intel) and the provided agent (scripts/agent.py) parses network-derived logs and PCAPs (dns.log, http.log, conn.log) containing arbitrary external/user-generated content which the agent reads and whose values (queries, URIs, user agents, intel entries) drive notices/alerts and thus can materially influence behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt instructs installation and use of sudo, edits system-level configuration files under /etc and /opt, deploys services (zeekctl), and creates files requiring root privileges—actions that modify the machine state and require elevated permissions.