better-auth-emails

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to fetch and read a public recipe from fullstackrecipes.com (via recipe://fullstackrecipes.com/better-auth-emails or the curl URL https://fullstackrecipes.com/api/recipes/better-auth-emails), which is an external, untrusted web source that the agent would ingest at runtime.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill instructs a runtime fetch of external instructions via "curl -H 'Accept: text/plain' https://fullstackrecipes.com/api/recipes/better-auth-emails", which would retrieve remote recipe content that can directly control the agent's behavior, so this URL is a required runtime dependency that injects instructions.