anti-cheat-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's "Data Source" section explicitly instructs the agent to fetch and parse public raw GitHub content (e.g., https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md and archive/…/description_en.txt), which are untrusted, user-generated third‑party pages the agent must read and use to guide its responses and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and inject remote content at runtime from raw.githubusercontent.com (e.g. https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md and the archive/description URLs such as https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/archive/{owner}/{repo}.txt), so external content would directly control prompts/responses.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly documents kernel-level driver loading, driver loaders, DMA/physical memory access, manual-mapping and other bypass techniques (including evasion of DSE/PatchGuard/HVCI), which encourages actions that alter kernel state and bypass security protections on the host even if it doesn't literally tell the agent to run sudo.