protocol-reverse-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs capturing and parsing network traffic from arbitrary sources (e.g., mitmproxy/tcpdump/tshark examples and pcap analysis/replay sections) so the agent ingests untrusted third-party HTTP/HTTPS and other payloads and may act on their contents (e.g., parsing, modifying, and replaying packets), which could enable indirect prompt injection.