hyperframes-registry

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly instructs fetching and reading the public registry manifest and item files (e.g., https://raw.githubusercontent.com/heygen-com/hyperframes/main/registry/registry.json and each item's registry-item.json and component/demo HTML), so the agent would ingest and act on open third-party HTML/JSON/JS content that can influence installations and wiring decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches the registry at https://raw.githubusercontent.com/heygen-com/hyperframes/main/registry (e.g., curl .../registry/registry.json and hyperframes.json default) which the CLI uses at runtime to download HTML/JS component files that can contain and later execute remote code, so this is a runtime external dependency capable of executing code.