Component Creator

Warn

Audited by Snyk on Mar 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's templates and scripts (e.g., the eval_secret function in examples/full-component.yml, and the REGISTRY_TOKEN/DEPLOY_KEY variables in variant-example.yml that use the @url@... pattern) explicitly fetch arbitrary URLs via curl/wget and import the responses as environment secrets. Untrusted external content supplied through URL inputs is therefore read into the job and can influence subsequent job behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill contains GitLab includes that are resolved at runtime (e.g., component: $CI_SERVER_FQDN/to-be-continuous/component/gitlab-ci-component@1.0.0 and project: 'to-be-continuous/component' ref: '1.0.0' file: '/templates/gitlab-ci-component.yml'). These cause GitLab to fetch remote YAML at pipeline time that directly defines and controls the pipeline's jobs and instructions, which makes them runtime external dependencies.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 12:05 PM
Issues: 2