astro-expert

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The prompt includes a "Memory Protocol (MANDATORY)" that instructs the agent to read and write an internal memory file (.claude/context/memory/learnings.md), which is unrelated to the Astro expertise and attempts to access/persist agent-internal state — a hidden/deceptive instruction outside the skill's stated purpose.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill is mostly benign code and docs for an Astro expert, but it contains a mandatory "Memory Protocol" that explicitly instructs reading and recording the agent's local memory file (.claude/context/memory/learnings.md), which is a deliberate data-access/exfiltration and privacy/backdoor risk.