ollama-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's workflow explicitly instructs fetching and installing from public third-party sources (e.g., "curl -fsSL https://ollama.com/install.sh | sh" and "ollama pull llama3.2" in references/skill-workflow.md) and then uses those downloaded models in example integrations, meaning untrusted public content is ingested and can influence subsequent model behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). This skill's installation instructions include executing a remote script via "curl -fsSL https://ollama.com/install.sh | sh", which fetches and runs remote code at runtime (https://ollama.com/install.sh) and is therefore a high-risk external dependency.