landing-page-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Quick Start and Related Skills explicitly show running a web search app (e.g., "belt app run tavily/search-assistant" to "Research competitor landing pages" and recommending inference-sh/skills@web-search), which clearly fetches and ingests public web pages whose user-generated/untrusted content could influence the agent's research and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill repeatedly invokes the inference.sh CLI (e.g., belt app run ... against https://inference.sh) at runtime to run remote apps/models (execute remote code) for image generation and search, so this is a required runtime dependency that executes external code.