busybox-on-windows

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). They include direct links to Windows executables hosted on a third‑party domain (frippery.org) rather than an official, vetted package repository—direct .exe downloads from unverified sites are a high malware risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs downloading a BusyBox binary from a public site (Invoke-WebRequest to https://frippery.org/files/... in step 3), which causes the agent/user to fetch and execute untrusted third-party content that can materially change tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs at runtime to download and run a BusyBox executable from https://frippery.org/files/busybox/busybox.exe (and variants busybox64.exe, busybox64u.exe, busybox64a.exe), which fetches and executes remote code that the skill relies upon.