build-pov-ray

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs the agent to download and inspect source archives from public third-party locations (e.g., ftp://ftp.povray.org/pub/povray/ and archive mirrors via wget/curl), so it clearly ingests untrusted third‑party content as part of its workflow.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs using sudo (e.g., "sudo cp ... /usr/local/bin" and "sudo make install") to write system-wide binaries, which requires elevated privileges and modifies system files, so it directs the agent to change the machine state with root access.