frontend-starter-kit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly installs and loads community workflow skills from public GitHub repositories via commands like bunx skills@latest add mattpocock/skills/... (SKILL.md Steps 2–3 and REFERENCE.md Community workflow skills), which fetches and runs third‑party user‑authored code that can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The bunx install commands in the skill (e.g., "bunx skills@latest add malinskibeniamin/skills/test-driven-development --agent claude-code -y" and multiple "bunx skills@latest add mattpocock/skills/..." entries) fetch and install remote skill repositories at runtime which are loaded as agent skills/hooks and therefore can directly supply prompts, hook logic, or executable code that controls the agent.