neldivad-blueprint-instantiator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2.5 workflow explicitly uses the external "find-skills" search and then installs public skills via "npx skills add owner/repo@skill" (Phase 2.5: Discover and Install Skills), which causes the agent to fetch and interpret untrusted, third‑party skill listings/descriptions and repositories as part of its decision and installation process.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs runtime installs of external skill packages (e.g., "npx skills add vercel-labs/skills@find-skills -g -y" and "npx skills add owner/repo@skill -g -y"), which fetch and execute remote code and can load skills that directly control agent prompts/behavior, so this is a high-confidence runtime risk.