fdk-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required subagent workflow (SKILL.md Install/Operations and references/*.md) instructs the agent to fetch and run remote resources (e.g., "curl ... https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash", "npm install https://cdn.freshdev.io/fdk/latest.tgz -g", and downloading nvm-windows from GitHub releases) from public third-party URLs which the subagent will execute autonomously, so untrusted remote content can materially influence tooling and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's install/upgrade/downgrade steps spawn shell subagents that fetch and execute remote scripts/packages at runtime — e.g. curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash, /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)", and npm install https://cdn.freshdev.io/fdk/latest.tgz (and https://cdn.freshdev.io/fdk/v${VERSION}.tgz) — which download and run remote code that the skill relies on.