aws-ec2-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required user-data workflow (references/user-data-script.md and SKILL.md) explicitly runs git clone https://github.com/myorg/myapp.git and starts that code via a systemd service on instance boot, meaning it fetches and executes untrusted third-party repository content that can materially change runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The EC2 user-data script (executed at instance runtime) performs git clone https://github.com/myorg/myapp.git and wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb followed by dpkg -i, which fetch and execute remote code during boot and are required for the skill's deployment.