uniwind

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and use the public URL https://docs.uniwind.dev/llms.txt to "discover all available pages before exploring further", meaning the agent will ingest and act on untrusted third‑party web content as part of its workflow (SKILL.md), which could contain instructions that influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs at runtime to fetch external documentation ("Fetch the complete documentation index at: https://docs.uniwind.dev/llms.txt"), which the agent would use to discover pages and thereby allow remote content to directly control prompts/guidance the skill follows.