implementing-network-deception-with-honeypots

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's output format explicitly asks to record "Credentials Used: [Username:Password if applicable]," which requires the agent to include plaintext credentials verbatim and thus poses an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's runtime workflow and code clearly ingest and analyze untrusted, user-generated attacker interaction data—see SKILL.md "Monitor Interactions" and scripts/agent.py (parse_opencanary_log reading /var/tmp/opencanary.log)—and that content is used to generate analysis/reports that can influence decisions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs installing and configuring system-level honeypot software, enabling network services, and changing firewall/host configurations—actions that require elevated privileges and modify the machine's state—so it should be flagged.