add-imessage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill adds an iMessage channel that will ingest and process arbitrary user-generated iMessage messages (see SKILL.md "Verify iMessage Channel" and the Channel Info/setup steps), so the agent will read untrusted third‑party content that could contain instructions affecting its behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The install steps fetch and install remote executable channel code — e.g., "git show origin/channels:src/channels/imessage.ts" (fetching the channels branch content) and "pnpm install chat-adapter-imessage@0.1.1" (from the npm registry, e.g. registry.npmjs.org/chat-adapter-imessage) — which will be incorporated and executed by the agent, so external content can control/runtime-execute code.