aeo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs "npx goose-aeo audit --json" which scrapes the user's public website pages (see SKILL.md and README.md stating it "scrapes your website pages") and the agent parses those pages' content and LLM-generated scores to produce recommendations and follow-up actions, so untrusted third-party content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls "npx goose-aeo" at runtime and lists the goose-aeo package as a required dependency, which means it will fetch and execute remote code from the external package (see https://github.com/athina-ai/goose-aeo) during execution.