ln-782-test-runner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs that if shared/ is missing it will fetch files via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path} and explicitly mandates loading shared/references/monitor_integration_pattern.md, meaning the agent will ingest public GitHub-hosted content at runtime that can direct tooling/monitor behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill mandates loading a shared reference file at runtime and, if missing, explicitly fetches it via https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}, which means remote content is retrieved at runtime and can directly control agent instructions (e.g., the required monitor_integration_pattern.md).