skill-seekers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the CLI scrapes and ingests arbitrary public documentation, GitHub repos, PDFs, and videos (e.g., "skill-seekers create https://docs.django.com/", GitHub repo creation, and the "base_url" scrape config), and those untrusted third‑party contents are read and enhanced into AI skills—so external instructions could influence generated behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The CLI examples show it fetches external documentation at runtime (e.g., "skill-seekers create https://docs.react.dev/"), and that fetched content is used to generate/enhance AI skills — meaning the external document directly controls the prompts/outputs and is a required runtime dependency.