tls-certificate-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly connects to arbitrary external domains using openssl/nmap (see extract_certificate_metadata and extract_sans commands that call {domain}:443), ingests and parses untrusted public TLS certificate fields and SANs, and uses those values to infer technologies and drive analysis, so third-party content can influence agent decisions.