afrexai-cybersecurity-engine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Reconnaissance section explicitly directs consulting public third‑party sources (e.g., GitHub/GitLab, Wayback Machine, Shodan/Censys, LinkedIn) as part of the pentest workflow, meaning the agent is expected to fetch and interpret untrusted user-generated web content that could influence its actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The prompt contains numerous actionable system‑level hardening and incident‑response steps (SSH config, firewall rules, revoke credentials, rebuild systems, change root login, container runtime settings, etc.) that would modify machine state and require elevated privileges if an agent executed them, even though it doesn't explicitly instruct the agent to escalate or bypass sudo.