best-practices-guidelines

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.80). The skill includes an explicit "Memory Protocol" that mandates running a local shell command to read and record internal memory files—an instruction unrelated to providing coding best-practices and which could be used to access/exfiltrate internal state, so it functions as a deceptive/out-of-scope directive.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's references/research-requirements.md explicitly directs the agent to "Use WebFetch/arXiv fallback" to gather current best practices, which requires fetching and reading open public web content (WebFetch) that could contain untrusted, user-provided instructions and would be used to influence rules and actions.