sigma-server-ops-ssh

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly SSHes to user-specified remote hosts and ingests their journalctl/logs and command output (see scripts/collect_sigma_diagnostics.sh and the workflows in SKILL.md that call journalctl/systemctl), which are untrusted, user-generated third-party content that the agent reads and uses to make decisions and recommend next actions, enabling indirect prompt injection.