coding-standards

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly tells the agent to fetch and read external style guides via WebFetch from public URLs (e.g., raw.githubusercontent.com, eslint-config.antfu.me, rust-lang.github.io, llvm.org), so the agent ingests untrusted third-party content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent to WebFetch external style guides at runtime (e.g. https://raw.githubusercontent.com/google/styleguide/refs/heads/gh-pages/pyguide.md, https://eslint-config.antfu.me/rules, https://raw.githubusercontent.com/uber-go/guide/refs/heads/master/style.md, https://rust-lang.github.io/api-guidelines/print.html, https://llvm.org/docs/CodingStandards.html, https://raw.githubusercontent.com/airbnb/javascript/refs/heads/master/README.md) and then use that fetched content to drive prompts/instructions, so these URLs are runtime dependencies that directly control agent behavior.