use-topbar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md / IMPLEMENTATION.md) explicitly instructs the agent to consult and fetch public Aura Storybook and shadcn registry resources (e.g., https://cognitedata.github.io/aura/storybook and the registry URL https://cognitedata.github.io/aura/r/{name}.json) and to use those external pages to determine component props and installation steps, so the agent will ingest untrusted third-party content that can materially influence implementation decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill mandates running the shadcn CLI (pnpm dlx shadcn@latest add @aura/topbar) and requires a components registry entry that points to https://cognitedata.github.io/aura/r/{name}.json, which will be fetched during installation and drives code/template retrieval and execution—i.e., remote content executed at install time and required by the skill.