performing-ssl-tls-security-assessment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's agent (scripts/agent.py and SKILL.md) accepts arbitrary target hostnames/URLs and uses sslyze to connect to those external servers and ingest their TLS/certificate and vulnerability scan outputs (certificate fields, cipher suites, scan results) which are parsed and used to generate findings and drive decision logic, exposing it to untrusted third-party content from public hosts.