data-structure-protocol

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs downloading and using a public script via "curl -O https://raw.githubusercontent.com/.../dsp-cli.py" (Initial Setup), meaning the agent's workflow depends on executing user-generated code fetched from an open third-party URL which could change behavior or inject instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly directs downloading and running a remote Python script at https://raw.githubusercontent.com/k-kolomeitsev/data-structure-protocol/main/skills/data-structure-protocol/scripts/dsp-cli.py (curl -O ... then python dsp-cli.py), meaning it fetches and executes external code at runtime as a required dependency.