reverse-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and analyze untrusted third‑party artifacts (e.g., "Obtain firmware.bin from official vendor support page" in references/firmware-embedded.md and use community Frida codeshare scripts in the Dynamic Analysis / Frida sections), and the agent is expected to read and act on decompiled APKs/firmware/scripts as part of its workflow, so that externally-supplied content can materially influence tool usage and next actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs bypassing anti-debug and protection mechanisms and performing binary patching/hooking (e.g., LD_PRELOAD, patch JNZ→JMP, Frida ssl-unpin), which are actions that circumvent security controls and modify process/system state.