find-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill instructs the agent to search and fetch skills from public third-party sources (via npx skills find [query], links to https://skills.sh/ and GitHub owner/repo pages) and to present and optionally install those community-authored packages, which are untrusted user-generated content that can influence actions like installing and running code.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). This skill explicitly instructs running npx skills add to fetch and install skills at runtime (e.g., vercel-labs/agent-skills@vercel-react-best-practices and https://skills.sh/), which will download and execute remote code from Git/GitHub and is a required runtime action to install those skills.