continuous-learning-v3
Fail
Audited by Snyk on Mar 14, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). The URLs point to a GitHub repo from an individual account that instructs you to install and run a plugin (JavaScript) which will execute in your environment and observe sessions — not an obvious binary download but potentially risky because it runs arbitrary code and may access sensitive data without strong provenance or many community signals.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's CLI explicitly fetches and ingests arbitrary HTTP(S) URLs in scripts/instinct-cli.py (cmd_import), importing remote, user-provided "instinct" files which are then added to the agent's instincts and can change behavior, so untrusted third-party web content can influence tool decisions.