cometchat-react-react-router

Warn

Audited by Snyk on Apr 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly tells the agent to fetch and read public third-party content — the CometChat docs MCP at https://www.cometchat.com/docs/mcp and sample-app files from raw.githubusercontent.com/cometchat/cometchat-uikit-react/v6/sample-app — and to use that content to determine component code/props and drive CLI/apply actions, so untrusted web content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs remote code at runtime via "npx @cometchat/skills-cli@latest" (executes fetched npm package) and instructs fetching authoritative docs/sample code from https://www.cometchat.com/docs/mcp and raw.githubusercontent.com/cometchat/cometchat-uikit-react/... which are used at runtime to drive the agent's behavior and code generation, so these external sources directly control prompts or execute code.

Issues (2)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 15, 2026, 05:58 PM
Issues: 2