amber-lang

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The LSP Installer makes a runtime call to https://api.github.com/repos/{repo}/releases/latest (via curl) to obtain a browser_download_url and then file_download/file_extract and mv the downloaded release into /usr/local/bin, which fetches and installs remote executable code from GitHub releases at runtime.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly exposes a "sudo" modifier and filesystem stdlib operations (e.g., chmod, write, extract) and allows running shell commands, which enables privilege escalation and modifying system files—actions that can change or compromise the machine state.