uv-project-migration

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The docs page is normal documentation, but the presence of a direct install.sh download on astral.sh (a non-mainstream/self-hosted domain) — commonly used with "curl | sh" — is a high-risk distribution pattern because the script will execute arbitrary code if run without inspection.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs fetching and executing third-party content and package metadata from public sources (e.g., "curl -LsSf https://astral.sh/uv/install.sh | sh" and "Access to package index (PyPI)" used by "uv sync"), which ingests untrusted, user-published packages/metadata that can materially influence tool behavior and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's prerequisites explicitly instruct executing a remote installer via "curl -LsSf https://astral.sh/uv/install.sh | sh", which fetches and runs remote code at runtime and is listed as a required dependency (https://astral.sh/uv/install.sh).