x-cmd-network

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill queries and ingests responses from arbitrary public network hosts (e.g., x nmap scanning user-specified targets like scanme.nmap.org, x tping using curl to probe services, and x ping defaulting to bing.com), so the agent will read untrusted third-party service banners/responses as part of its workflow.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill explicitly includes commands that configure DNS ("x dns set"), notes that some nmap scans and DNS/configuration changes require administrator/root privileges, and therefore can direct the agent to modify system network configuration and require elevated privileges that change the machine's state.