configuring-ghostty-vibe-stack

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required steps instruct fetching and executing content from public third-party sources (e.g., curl-install of Homebrew and Fisher from raw.githubusercontent.com, git clone https://github.com/LazyVim/starter, and multiple brew install --cask commands), which are untrusted/user-generated and are incorporated into the workflow such that that external content can change installed tools, configs, or subsequent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime commands that fetch and execute remote code and are relied on for setup—specifically: https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh (curl | bash to install Homebrew), https://raw.githubusercontent.com/jorgebucaran/fisher/main/functions/fisher.fish (curl ... | source to bootstrap Fisher), and the git URL https://github.com/LazyVim/starter (git clone of a starter config that triggers remote plugin installs/execution)—so these meet the criteria for risky runtime external dependencies.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs modifying a system file with sudo (appending the Fish shell to /etc/shells), which directly changes machine state and requires elevated privileges.