coding-tutor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required setup explicitly downloads and runs helper scripts from the public URLs (e.g., the SKILL.md "Script Setup" curl commands fetching https://skills.every.to/skills/coding-tutor/scripts/*.py and the instruction "Before doing anything else, run the setup script"), meaning externally-hosted code/content is ingested and executed and directly influences tutorial creation, indexing, and quiz decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill instructs at runtime to curl and save remote Python scripts (e.g. https://skills.every.to/skills/coding-tutor/scripts/setup_tutorials.py and the sibling URLs create_tutorial.py, index_tutorials.py, quiz_priority.py) and then runs them (python3 ~/.cache/everyskill/coding-tutor/scripts/setup_tutorials.py), so it fetches and executes external code that the skill requires.