okx-dapp-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill installs third-party plugins via "npx skills add" (including a plugin-store registry) and explicitly reads and forwards the installed plugin's SKILL.md from $HOME/.claude/skills//SKILL.md, so untrusted external plugin content is fetched and interpreted to drive routing and actions, enabling indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill runs the runtime install command "npx skills add okx/plugin-store --skill --yes --global" (fetching the okx/plugin-store plugin remotely) and then reads the installed plugin's SKILL.md to forward the user's prompt into that plugin, meaning remote code/content fetched at runtime directly controls agent instructions.