performing-ssl-tls-inspection-configuration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill actively connects to arbitrary external hosts and ingests their TLS certificates as part of runtime validation—see scripts/agent.py (check_inspection_active, scan_multiple) and SKILL.md Step 6 (openssl s_client / curl to www.google.com, www.example.com)—so untrusted third-party data (server certificate fields) is read and used to determine inspection status and drive reporting.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill includes explicit privileged operations (sudo/PowerShell commands) to install an internal CA into system trust stores and modify certificate stores/configuration—actions that change the host's security state and require administrative privileges—so it encourages altering the machine's state.