groove-admin-update

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches the latest release tag from the public GitHub API (https://api.github.com/repos/andreadellacorte/groove/releases/latest) and then installs the groove skill and explicitly reads and executes migration files from skills/groove (third-party repository content), which can directly drive actions and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill calls https://api.github.com/repos/andreadellacorte/groove/releases/latest and runs "npx skills add andreadellacorte/groove" at runtime to install remote skill code whose migration files are then read and executed, meaning fetched external content can control execution.