defold-skill-maintain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to download and parse public Defold index pages (https://defold.com/llms/apis.md, manuals.md, examples.md) and the proto-reference-guide tells it to fetch Defold docs/API pages and to run scripts that download the Defold SDK, so the agent will ingest and act on arbitrarily fetched third‑party web content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs fetching index pages at runtime (e.g., https://defold.com/llms/apis.md) and using the downloaded Markdown to replace link tables in SKILL.md — content that the agent loads as skill instructions — so this is a runtime external dependency that can directly change agent prompts/content.