x-network

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent performs network operations against arbitrary external hosts (e.g., x nmap scans like "scanme.nmap.org", x ping which defaults to bing.com, and external DNS/testing/integration with shodan), meaning it fetches and parses untrusted public network/service responses whose contents can influence scanning/diagnosis actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill documents network-management commands (e.g., nmap modes requiring root, an explicit "dns set" subcommand and notes about requiring administrative privileges) that can modify system network configuration and thus change the machine state, even though it does not explicitly instruct bypassing sudo or creating accounts.