process-substitution-fifos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes examples that fetch and parse arbitrary web content (e.g., stream_json_array and other snippets use curl -s "$url" and jq, and earlier examples show jq <(curl -s "https://api.example.com/data")), so it clearly ingests untrusted public/third‑party content for processing.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.40). The skill shows examples that write to system locations (e.g. /var/log/app.log) and create/remove FIFOs under global paths (e.g. /tmp), which can modify the host filesystem and may require elevated privileges, so it encourages actions that could change the machine state even though it doesn't explicitly request sudo or user creation.