find-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Python search tool (scripts/request.py) queries the public Alibaba Cloud skill marketplace (wuyingai.cn-shanghai.aliyuncs.com) via SearchPublicMarketSkill and then displays/parses returned skill descriptions, repository SourceUrl values (e.g., GitHub/GitLab repo links) for presentation and installation, which are untrusted, user-supplied third-party contents the agent consumes as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime API calls to the Alibaba Cloud skill marketplace at https://wuyingai.cn-shanghai.aliyuncs.com to fetch skill metadata (including SourceUrl) which the agent uses to build npx install commands that can fetch and execute remote code from arbitrary repositories, so this is a runtime external dependency that can lead to code execution.