reverse-engineering-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly directs the agent to fetch and parse the public GitHub raw URL https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md, which is untrusted, user-curated third-party content the agent is expected to read and use to guide tool selection and actions, creating a clear avenue for indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs fetching and using runtime content from https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md to retrieve "complete data" used to answer user queries, so the remote content would be fetched at runtime and injected into the agent's responses, making it a required external dependency that can directly control prompts.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly advocates anti-analysis bypass techniques (PatchGuard circumvention, VM/sandbox evasion), kernel-space dumping and hypervisor/hiding tools which encourage bypassing security mechanisms and performing low-level actions that can modify or compromise the host system.