pp-craigslist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI intentionally fetches and ingests live Craigslist content (e.g., commands like "search", "postings", "listing get|get-by-pid|images", "since", "watch tail", and --data-source live described in SKILL.md) which are public, user-generated listings and the agent is expected to read and act on that content (scoring/triage, alerts, routing), so untrusted third-party content could supply instructions that materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires installing and running remote code at runtime via npx -y @mvanhorn/printing-press install craigslist and the Go module URL go install github.com/mvanhorn/printing-press-library/library/commerce/craigslist/cmd/craigslist-pp-cli@latest, which fetches and installs/executes external binaries the skill depends on.