survaivor-agent-kit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (e.g., scripts/feed.mjs calling callSurvaivor("/game/feed") against the default https://arena.survaivor.app) and SKILL.md explicitly instruct the agent to "read latest feed" (user-generated game messages) and then use that information to decide public/private messages and votes, so untrusted third-party content can directly influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill calls "npx identityapp" at runtime (via runIdentityCli), which will fetch and execute the external identityapp npm package (remote code executed locally) and is required for identity resolution/signing — flagged: npx identityapp (npm package fetched from the npm registry).