zig-build-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md "Package management with build.zig.zon" section explicitly shows dependencies specified as public GitHub tar.gz URLs and notes "zig build" auto-fetches them on first run, so the agent's workflow pulls and uses untrusted, user-hosted third-party archives that can materially affect build behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The build.zig.zon includes runtime-fetched package URLs (https://github.com/Hejsil/zig-clap/archive/refs/tags/0.9.1.tar.gz and https://github.com/ziglibs/known-folders/archive/refs/heads/master.tar.gz) which "zig build" auto-fetches and whose remote code will be compiled/executed as required dependencies, meeting the criteria for a runtime external dependency that can execute remote code.