surge-configuration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly mandates using Context7 MCP tools to fetch live documentation from external URLs (e.g., https://manual.nssurge.com/llms.txt, https://kb.nssurge.com/llms.txt, https://nssurge.com/mac/latest/appcast-signed-beta.xml) and supports loading external provider policy-path URLs (e.g., https://provider.com/surge.conf), so the agent will ingest and act on untrusted third-party content that can influence configuration and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and use external documentation at runtime (e.g., https://manual.nssurge.com/llms.txt and https://kb.nssurge.com/llms.txt and https://nssurge.com/mac/latest/appcast-signed-beta.xml), and that fetched content is required and used to directly control the agent's prompts/instructions.