chezmoi-config
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill configures and references automatic downloads from public, user-controlled sources (e.g., .chezmoiexternal.toml.tmpl entries and example URLs like https://raw.githubusercontent.com, https://github.com/... and curl commands in run_once/run_onchange scripts), so it clearly ingests untrusted third-party content that chezmoi will fetch and incorporate.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill contains run-once/run scripts that download and execute remote install scripts at runtime (e.g. /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" and sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"), which is high-risk because the fetched content is executed directly, without verification, at runtime.
Audit Metadata