network-forensics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs extracting and inspecting third-party web content from packet captures (e.g., "tshark --export-objects http,exported_files/" and "ls extract_files/ # Zeek auto-extracts transferred files"), so the agent would ingest arbitrary untrusted HTTP/files from the open web embedded in pcaps and could let that content influence analysis and follow-up actions.