go-mode

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly lists and uses web_search and web_fetch to read full web pages and the example plans (e.g., "Research each: pricing, features, reviews" and "Search for SaaS companies (web)") which means the agent will fetch and interpret untrusted public web content that can influence its actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill exposes powerful tools (exec, read/write/edit files) and can plan/execute arbitrary shell or file operations that may modify system configs or create users — even though it includes guardrails and confirmation steps, it still enables actions that can compromise the machine if approved.