pp-company-goat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core commands (e.g., snapshot, signal, funding, engineering, mentions) explicitly fetch and ingest live content from public third-party sources such as SEC EDGAR Form D, GitHub orgs, Hacker News via Algolia, Wikidata, Companies House and RDAP (see the "Coverage at a glance" and "Unique Capabilities" / snapshot descriptions in SKILL.md), which the agent is expected to read and use to make decisions—so untrusted, user-generated/open-web content can materially influence tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill requires installing and running code fetched from external repos (e.g., go install github.com/mvanhorn/printing-press-library/library/developer-tools/company-goat/cmd/company-goat-pp-cli@latest and go install github.com/mvanhorn/printing-press-library/library/developer-tools/company-goat/cmd/company-goat-pp-mcp@latest, and npx -y @mvanhorn/printing-press), which downloads and executes remote code during installation and is a required dependency for the skill.