affiliate-check

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The repo's SKILL.md files (notably skills/research/trending-content-scout/SKILL.md and related skill workflows) explicitly instruct the agent to run web_search + web_fetch against public sites (YouTube, TikTok, X, Reddit and arbitrary list.affitor.com pages) and to parse/unpack user-generated engagement/content to compute engagement scores and pick content angles — untrusted third-party content that the agent is expected to read and that directly drives scoring, recommendations, and follow-up actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's setup/install steps instruct fetching and running remote code (e.g., git clone https://github.com/Affitor/affiliate-skills.git && cd ... && ./setup which executes the repo's setup, and the explicit curl -fsSL https://bun.sh/install | bash fallback), so these URLs are used during setup/runtime and they download-and-execute remote code the skill relies on for the affiliate-check CLI.