github-repo-analyzer

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These are ambiguous/untrusted sources — an unspecified GitHub repo and personal Notion pages can host arbitrary scripts or links to installers, so downloading/executing files from them without reviewing the code, verifying the author, or scanning the files poses a high risk of malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly clones arbitrary GitHub repositories ("第二步：Clone 仓库" / git clone) and then reads and analyzes repository files (e.g., README, code) via scripts like scripts/repo_info.py and the analysis steps, which exposes the agent to untrusted, user-generated content from public third-party sources that can influence analysis and subsequent tool actions.