research-slide-deck-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to git clone and inspect the external progress-slides GitHub repository (https://github.com/a-green-hand-jack/progress-slides.git) and to read its README/package.json as part of the workflow, which are untrusted public third-party contents the agent must interpret and that can materially influence subsequent editing/build actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs cloning and using the external template https://github.com/a-green-hand-jack/progress-slides.git at runtime (git clone, npm install, run preview/build commands), so the fetched repository and its install scripts would be executed and are a required dependency, creating a clear remote-code-execution risk.