unified-find-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to query and parse public registries (e.g., npx skills for skills.sh, clawhub search, and curl https://tessl.io/registry/discover?contentType=skills) and to use those untrusted, user-contributed skill descriptions to choose and install skills, so third-party content can directly influence tool use and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly runs "npx skills" at runtime (e.g., "npx skills find" / "npx skills add"), which fetches and executes remote package code from the npm registry (runtime remote code execution), so this is a required external dependency that executes remote code.