skill-reviewer
Warn
Audited by Snyk on Mar 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The SKILL.md Step 2 explicitly requires installing and invoking a third-party "writing-skills" skill from a public GitHub URL (npx skills add https://github.com/obra/superpowers --skill writing-skills), so the agent will fetch and execute untrusted external code whose outputs directly influence audit decisions and next actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill mandates installing and invoking the external writing-skills skill via npx at runtime, using the GitHub URL https://github.com/obra/superpowers together with the --skill writing-skills flag. This fetches and installs remote code the skill depends on (code that could execute or control prompts), so it is a required runtime fetch of remote executable content.
Audit Metadata