oracle-soul-sync-calibrate-update

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches untrusted data from the public GitHub API (curl https://api.github.com/repos/Soul-Brews-Studio/oracle-skills-cli/tags), assigns the tag name to $LATEST, and then uses that value to drive install/update commands, so third-party tag/content can directly change tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.95). The skill invokes a runtime install that downloads and executes remote code from the GitHub package reference github:Soul-Brews-Studio/oracle-skills-cli#$LATEST (and queries https://api.github.com/repos/Soul-Brews-Studio/oracle-skills-cli/tags), which directly supplies/updates agent skills (instructions) and thus controls prompts/execution.