Find and export SVG icons across icon libraries for UI work
Warn
Audited by Snyk on Jun 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill’s runtime behavior is to search icon libraries and return SVG assets, which implies it fetches/reads public web or community registry content (outsider-authored icon SVG/text) into the agent context via the better-icons CLI/API; the provided SKILL.md itself is only reference material and not the injected content.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's install instructions use npx/npm to fetch and run the better-icons package and point to the upstream repo (https://github.com/better-auth/better-icons and its raw README at https://raw.githubusercontent.com/better-auth/better-icons/HEAD/README.md), which means remote code is fetched and executed as a required dependency.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).