wireguard

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 6 DNS Integration explicitly runs a remote installer with "curl -sSL https://install.pi-hole.net | bash", which fetches and executes untrusted, public third-party code that can materially alter behavior and thus enable indirect prompt-injection-like influence.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to install packages, write and modify files under /etc, change sysctl and iptables, and enable systemd services (wg-quick@wg0), all of which alter system state and require elevated privileges, so it poses a high risk of compromising the host.