oracle

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The /oracle prepare step runs "go install github.com/x-motemen/ghq@latest", which at runtime fetches and builds remote code from the URL github.com/x-motemen/ghq (executing that remote code) and is treated as a required dependency for the skill.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt explicitly instructs installing system packages using platform package managers with sudo (e.g., sudo apt install, sudo dnf install, sudo pacman -S) and running global installs, which directs the agent to perform privileged system modifications that change machine state.