3dprint-advisor
Warn
Audited by Snyk on Mar 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md and AGENTS.md explicitly require running scripts/install_klipper_extras.sh which clones and installs third‑party Klipper modules (e.g., klipper_auto_speed, KAMP) from public repositories (GitHub), meaning the agent fetches and executes untrusted, user‑provided code from open/public sources that can materially change behavior.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (low risk: 0.30). The skill automates modifying Klipper/Moonraker configuration (via Moonraker file API and SSH), can perform service restarts and inject configs, and writes persistent state locally—so it does change system state—but it does not request sudo, create users, or explicitly instruct bypassing host security or editing OS-level system files on the agent's machine.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W013 (MEDIUM): Attempt to modify system services in skill instructions.