mac-code-local-ai-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs DuckDuckGo web searches (ddgs.DDGS().text() and the /search command described in SKILL.md) and summarizes those public web results as part of its workflow, so it ingests untrusted third‑party content that can influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The README explicitly directs users to git clone and then run the agent (git clone https://github.com/walter-grace/mac-code followed by python3 agent.py), so code fetched from that GitHub URL would be executed as part of setup/runtime.