flow-nexus-neural

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly lists and deploys items from a public Template Marketplace (see the "Template Marketplace" section and calls like mcp__flow-nexus__neural_list_templates and mcp__flow-nexus__neural_deploy_template, and the linked https://flow-nexus.ruv.io/templates), which exposes user-contributed/untrusted marketplace metadata and templates that the agent is expected to read and can directly influence deployment actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's prerequisites invoke "npx flow-nexus@latest" (e.g., claude mcp add flow-nexus npx flow-nexus@latest mcp start / npx flow-nexus@latest register), which fetches and executes remote npm package code at runtime as a required setup step, so it is a runtime external dependency that executes remote code.