secure-linux-web-hosting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly requires verifying live external documentation and pages (see references/distro-routing.md "Official Docs Entry Points" which lists public sites like Certbot pages and the acme.sh GitHub wiki, and references/workflow-map.md which links to a public blog), so the agent is expected to fetch and interpret third‑party web content that can materially change commands and next actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to provide concrete commands and server-side actions (package installs, config edits under /etc, service reloads, firewall rules, SSH hardening, systemd changes, ACME issuance) that modify privileged system state, so it encourages making privileged changes to the machine.