laravel-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly sends queries to and ingests documentation from the external API https://boost.laravel.com/api/docs (see SKILL.md "API" and description "Search official Laravel ecosystem documentation"), meaning the agent will read and act on third‑party public documentation that can change its code-writing decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime POST requests to https://boost.laravel.com/api/docs to fetch documentation that the agent is explicitly instructed to incorporate into its responses, so this external content directly controls prompts/behavior and is a required dependency.