gastown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly asks users to "give me a GitHub URL" and to "hook up" a repo (references/examples.md and SKILL.md's "gt rig add" / setup instructions), indicating it will fetch and act on arbitrary public GitHub content which is untrusted user-generated data and could influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's setup and error-handling explicitly instructs installing and (in "Auto" runtime examples) executing remote Go modules via commands like go install github.com/steveyegge/gastown/cmd/gt@latest and go install github.com/steveyegge/beads/cmd/bd@latest, which fetch and build remote code at runtime and are required dependencies for the skill.