hosting-copyparty

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's "Copyparty 업데이트" workflow (SKILL.md and references/setup.md) explicitly polls the public GitHub Releases API to determine latest versions and then performs pull/digest-compare/restart update actions, so untrusted public release metadata can directly influence automated tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly relies on and pulls the external container image "copyparty/ac:latest" (docker.io/copyparty/ac:latest) at runtime via Podman/update flows, which fetches and executes remote code and is required for the service to run.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs running sudo commands, restarting systemd services, reading agenix secrets, and editing system/Nix and container configurations—actions that require privileged access and modify the host state.