copilotkit-self-update

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs running "npx skills add copilotkit/skills --full-depth -y" to pull SKILL.md files from a public GitHub repository, so the agent will ingest untrusted, user-generated third‑party content that can change its behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The command "npx skills add copilotkit/skills --full-depth -y" fetches and runs remote package code at runtime and pulls SKILL.md files that directly control the agent's prompts/instructions, so it is a runtime external dependency that can execute code and modify agent behavior.