claude-code-source-analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The set includes a third‑party npm tarball served from a mirror (which can contain install scripts), a GitHub repo from an unknown user, and an opaque short domain — all are sources of executable code from unvetted origins and therefore pose a significant risk of distributing malicious or tampered code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching and inspecting public third-party content (e.g., "git clone https://github.com/ponponon/claude_code_src.git" and installing the Tencent npm mirror URL), so the agent is expected to ingest and analyze untrusted, user-hosted repository contents which could contain instructions that materially influence its analysis/actions.