pyats-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md's "NVD CVE Vulnerability Scan" step explicitly calls an external nvd-cve-mcp-server to fetch public NVD/CVE data and tells the agent to read those CVE details and use them to determine severity and cross-reference the running config, so untrusted public third‑party content is ingested and directly influences actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill invokes npx at runtime ("python3 $MCP_CALL "npx -y nvd-cve-mcp-server" ..."), which fetches and executes the remote npm package nvd-cve-mcp-server from the npm registry (registry.npmjs.org) to perform the CVE scan, satisfying runtime fetch-and-execute and making it a required dependency for that step.