mthds-install

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and installs packages from public GitHub repos ("Step 1 — Identify the Source" and "Step 3 — From GitHub: mthds-agent install <org/repo>"), meaning it fetches and installs untrusted, user-generated third‑party code whose contents can materially influence subsequent agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill invokes the mthds-agent CLI at runtime to install packages from GitHub (e.g., https://github.com/org/repo or the shorthand org/repo), which fetches remote repository content that can contain executable code or method prompts that directly control agent behavior.