bmad-taskmaster-mcp-bootstrap

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches the TaskMaster MCP via npx or git clone from a public repository (e.g., GitHub) and instructs the agent to load and act on repository files like WORKFLOW.md and REFERENCE.md, meaning untrusted, public third‑party content will be read and can influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs fetching and running the TaskMaster MCP code at runtime (via npx or git clone) from https://github.com/eyaltoledano/claude-task-master, which executes remote code and is required for the skill to operate.