android-kotlin-compose

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to check and use the external repository's SKILL.md on the public GitHub repo (https://github.com/Drjacky/claude-android-ninja), causing the agent to fetch and act on untrusted third‑party content that can influence its behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent at runtime to refer to and check the external repository SKILL.md at https://github.com/Drjacky/claude-android-ninja, meaning fetched repository content would directly control agent instructions and is a required dependency.