scanning-tools

Status: Warn

Audited by Snyk on Feb 27, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's core workflow explicitly instructs crawling and scanning external websites and hosts (e.g., "Phase 3: Web Application Scanning Tools", with zap-cli quick-scan https://target.com and Burp Spider/Proxy steps), so the agent will fetch and interpret untrusted third-party web content. Anything those responses contain becomes input to the agent and can steer its subsequent scanning and exploitation actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill repeatedly instructs privileged, state-changing actions on the host (sudo package installs, systemctl service starts, enabling wireless monitor mode, running scanners, exploit frameworks and remediation scripts). These steps push an agent to change the machine's state and require, or at least encourage, elevated privileges.
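As an added example, not Snyk's scanner and not code from the scanning-tools skill, the screener below flags the two instruction patterns these findings describe: directives that make the agent fetch and interpret third-party web content, and privileged, state-changing host commands. The rule names, the roll-up policy and the sample skill text are constructed for illustration; the regexes are a deliberately small pattern set that a real checker would extend.

```python
import re
from dataclasses import dataclass

# Constructed stand-in for a SKILL.md, modelled on the kinds of steps the two
# findings quote. It is not the real scanning-tools skill text.
SAMPLE_SKILL = """\
## Phase 1: Setup
sudo apt-get install -y nmap zaproxy
sudo systemctl start docker
sudo airmon-ng start wlan0

## Phase 3: Web Application Scanning Tools
zap-cli quick-scan https://target.com
Use Burp Spider through the Burp Proxy to crawl the target.
Summarize what the crawl returns before choosing exploits.
"""


@dataclass(frozen=True)
class Finding:
    rule: str      # constructed rule name, not a Snyk identifier
    line_no: int   # 1-based line within the instruction text
    text: str      # the offending instruction, whitespace-stripped


# Rule 1: the instruction makes the agent pull remote content it will then
# interpret (crawler/scanner invocations, fetch utilities, explicit URLs).
# Whatever those return is attacker-controllable input to later steps.
THIRD_PARTY_CONTENT = re.compile(
    r"\b(zap-cli\s+quick-scan|nikto|wget|curl|spider)\b"
    r"|https?://[^\s<>]+",
    re.IGNORECASE,
)

# Rule 2: privileged or state-changing host actions (sudo, service control,
# package installs, putting a wireless interface into monitor mode).
PRIVILEGED_HOST_CHANGE = re.compile(
    r"^sudo\b"
    r"|\bsystemctl\s+(start|stop|restart|enable|disable)\b"
    r"|\b(apt-get|apt|dnf|yum|pacman)\s+(install|remove)\b"
    r"|\bairmon-ng\s+start\b"
    r"|\bmonitor\s+mode\b",
    re.IGNORECASE,
)

RULES = {
    "third_party_content": THIRD_PARTY_CONTENT,
    "privileged_host_change": PRIVILEGED_HOST_CHANGE,
}


def screen_skill(text: str) -> list[Finding]:
    """Return one Finding per (rule, line) hit, in document order."""
    findings: list[Finding] = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and markdown headings carry no directive
        for rule, pattern in RULES.items():
            if pattern.search(line):
                findings.append(Finding(rule, line_no, line))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Hit count per rule, so a reviewer sees which classes are present."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.rule] = counts.get(f.rule, 0) + 1
    return counts


def risk_level(findings: list[Finding]) -> str:
    """Constructed roll-up policy, not Snyk's scoring: LOW when no rule fires,
    MEDIUM when at least one does."""
    return "MEDIUM" if findings else "LOW"


if __name__ == "__main__":
    hits = screen_skill(SAMPLE_SKILL)
    for f in hits:
        print(f"{f.rule:<23} line {f.line_no}: {f.text}")
    print(summarize(hits), risk_level(hits))
```

Run against the constructed sample, the three sudo lines trip the privileged-host rule and the zap-cli and Burp Spider lines trip the third-party-content rule, which is the same split the two findings above make. Headings are skipped deliberately: a heading such as "Web Application Scanning Tools" names a topic, while the lines under it are what the agent will actually execute.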
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 06:17 PM