convert-to-apple-container

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2 workflow explicitly fetches and merges a public GitHub branch (git remote add upstream https://github.com/qwibitai/nanoclaw.git; git fetch upstream skill/apple-container; git merge upstream/skill/apple-container), causing the agent to ingest and execute untrusted, user-generated code from a public repository which can materially change runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs git fetch/merge against the upstream repo https://github.com/qwibitai/nanoclaw.git during its runtime to pull and merge source files that will be built and executed, meaning remote code is fetched and integrated into the agent's runtime.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs modifying system firewall rules and /etc/pf.conf using sudo, running privileged container/system start commands, and installing system packages—actions that alter machine state and require elevated privileges, so it's a security-risking prompt.