flow-nexus-neural

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly browses and deploys models from a public "Template Marketplace" (see the "Template Marketplace" section and calls like mcp__flow-nexus__neural_list_templates and mcp__flow-nexus__neural_deploy_template) which returns user-contributed templates/reviews that the agent is expected to read and act on, creating a clear avenue for untrusted third-party content to influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's prerequisites instruct running "npx flow-nexus@latest" (and related register/login steps), which fetches and executes remote npm package code at setup/runtime, so the skill relies on executing external code fetched from the network (flagged: npx flow-nexus@latest, and associated flow-nexus.ruv.io endpoints).