godot
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's CI/setup and installation instructions explicitly fetch and execute public third‑party content (e.g., git clone https://github.com/MikeSchulze/gdUnit4.git, git clone https://github.com/Randroids-Dojo/godot.git, and curl downloads of GitHub release zips for godot-automation), so the agent's workflow consumes untrusted public repositories and binaries from the open web.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill includes CI/deploy steps that fetch and run remote executables/scripts at runtime (e.g., downloading and executing the Godot automation release https://github.com/Randroids-Dojo/godot/releases/download/automation-latest/godot-automation-linux-x86_64.zip in the E2E job and piping the Butler installer https://itch.io/butler | sh for itch.io deploys), so the workflows rely on downloading and executing remote code.
Audit Metadata