capability-evolver

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These links point to an unfamiliar third‑party domain (evomap.ai) used for onboarding/claiming and an unknown GitHub user's releases page (which can host executables/releases) — both are potential vectors for distributing untrusted binaries or scripts and should be treated as suspicious until the domain/repo and release artifacts are verified.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly connects to the public EvoMap/A2A network (see SKILL.md/README setup requiring evomap.ai claim and A2A_NODE_ID, index.js starting startHeartbeat) and includes ingestion/promotion tooling (scripts/a2a_ingest.js, scripts/a2a_promote.js and the A2A External Asset Ingestion section) that stage external Genes/Capsules into the local memory/selector pipeline, meaning untrusted/user-generated assets from the open network can be read and influence selector/prompt construction and subsequent actions.