env-debug

Warn

Audited by Snyk on Feb 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's troubleshooting instructions (references/troubleshooting.md) explicitly include fetching and running a public script via curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash. This retrieves and executes public third-party content, which could carry malicious instructions and influence subsequent tool-use decisions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes explicit sudo commands that change system ownership and group membership (e.g., sudo chown -R ..., sudo usermod -aG docker $USER). These commands modify system state and require elevated privileges.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 21, 2026, 07:02 AM