ln-514-test-log-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill clearly ingests untrusted third‑party content: the analyze_test_logs.mjs collector will fetch and parse logs from arbitrary Loki HTTP endpoints (via LOKI_URL or --loki-url) and SKILL.md directs fetching missing reference files from raw.githubusercontent.com, and that ingested log/text content is parsed and used to drive classifications, fix recommendations, and verdicts (i.e., it directly influences agent decisions).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The SKILL.md explicitly instructs fetching missing shared files at runtime via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}, and those fetched files (e.g., analyze_test_logs.mjs and the reference md files) are treated as required dependencies and/or executed (node scripts) or used to drive classification rules, so remote content can directly control execution and agent behavior.