atlan-cli-install-configure

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required install workflow points to references/install-matrix.md which includes curl download commands fetching pre-built binaries from public GitHub release URLs (e.g., github.com/atlanhq/atlan-cli-releases/...), so the agent will fetch and execute public third-party content that can materially alter behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's install workflow uses curl at runtime to fetch and extract remote binaries (e.g., https://github.com/atlanhq/atlan-cli-releases/releases/latest/download/atlan_Darwin_arm64.tar.gz), which downloads code that will be executed/installed on the host, so this is a runtime external dependency that executes remote code.