dedicated-server

Warn

Audited by Snyk on May 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill ingests untrusted, user-generated data from remote peers — e.g., LobbyManager's _on_peer_connected/populated player_list (usernames) and RPC handlers like set_ready/_sync_lobby_state/notify* — which the server reads and uses to make decisions (starting games, kicking peers), so third-party inputs can materially influence behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt includes privileged system changes—providing a systemd service file to place under /etc, commands that require sudo (ufw, systemctl), chmod on /opt paths, and an implied dedicated user—so it instructs modifying the machine's system state.

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 18, 2026, 02:20 PM
Issues: 2