github-actions-validator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and runs third-party content (e.g., scripts/install_tools.sh uses curl to raw.githubusercontent.com to install act/actionlint and validate_workflow.sh/run instructions require consulting official docs and running act which pulls public Docker runner images), so it ingests untrusted public sources and uses their content to determine fixes and validation outcomes.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's install script fetches and executes remote installer scripts at runtime (curl --tlsv1.2 -sSf https://raw.githubusercontent.com/nektos/act/master/install.sh | bash and bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)), which runs remote code necessary for the toolchain, so these URLs present a runtime remote-code-execution dependency.