pravidhi-yc-oss

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches JSON from the public YC OSS API (BASE_URL "https://yc-oss.github.io/api" in scripts/yc_client.py), then reads and formats fields like one_liner/long_description "for LLM consumption" and uses that text for filtering/sorting, so public/untrusted third‑party content can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill fetches live JSON from https://yc-oss.github.io/api at runtime and injects that data into formatted output intended "for LLM consumption", meaning the remotely fetched content directly controls the agent's prompt/context and is a required runtime dependency.