claude-code-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill automatically "Searches GitHub for community resources" and shares GitHub findings (public repositories) and also fetches public documentation URLs, so it ingests and interprets untrusted, user-generated content from the open web as part of its workflow (e.g., the "GitHub Discovery" step and "Always fetch latest docs" URLs).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly performs runtime web_fetch calls to documentation URLs (e.g., https://docs.claude.com/en/docs/claude-code/settings) and uses the fetched docs to generate agent/skill/command configuration files that directly determine agent prompts/instructions, making this an external runtime dependency that can control behavior.