rust-api-guidelines

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's sync.sh explicitly clones the public https://github.com/rust-lang/api-guidelines repository and copies those upstream markdown files into references/, then invokes Claude to read those fetched reference files to regenerate SKILL.md—so open-web third‑party content is ingested and directly influences the agent's behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The sync.sh installer clones the upstream repo at https://github.com/rust-lang/api-guidelines.git during execution and then passes the fetched reference markdown files into a claude prompt that regenerates SKILL.md, so remote content is fetched at runtime and directly controls the agent's instructions.