gate-info-coincompare

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.70). The prompt includes explicit instructions to hide or silently skip runtime/version-check failures and not disclose technical check details to the user (e.g., "must not be explained to the user", "skip Step 1 silently"), which are deceptive, user-facing hiding behaviors outside the core coin-comparison purpose.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's Trigger update flow (documented in SKILL.md) and the bundled scripts (scripts/update-skill.sh and scripts/update-skill.ps1) explicitly fetch remote SKILL.md and archives from public GitHub (raw.githubusercontent.com / github.com) and may apply those updates, so the agent reads and can act on untrusted third‑party content that can change its subsequent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). Yes — the bundled update scripts (scripts/update-skill.sh / scripts/update-skill.ps1) perform runtime fetches from GitHub (e.g. https://raw.githubusercontent.com/gate/gate-skills/master/skills and https://github.com/gate/gate-skills.git / master.zip / master.tar.gz) and can overwrite SKILL.md and other skill files, allowing remote content to directly change prompts/instructions used by the agent.