protocol-reverse-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's implementation-playbook.md explicitly instructs capturing and analyzing live network traffic and HTTP streams (e.g., "Man-in-the-Middle Capture" with mitmproxy, Wireshark/tshark export of http_traffic.json, and Scapy printing Raw payloads), which means the agent will ingest and interpret arbitrary public/untrusted network and web content as part of its workflow.