pipes-new-indexer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and parse untrusted, public third-party content (e.g., WebFetch calls to Etherscan/BaseScan in references/ABI_GUIDE.md and Portal dataset queries like https://portal.sqd.dev/... shown throughout SKILL.md) and to use those ABIs/IDLs and query results to drive decoding, template selection, and runtime actions, so external content can materially influence the agent's behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill repeatedly instructs running npx to fetch and run remote npm packages (e.g., "npx @iankressin/pipes-cli@latest" and other npx calls like "npx @subsquid/evm-typegen@latest"), which downloads and executes remote code at runtime and the skill relies on those packages as required dependencies, so these are runtime external dependencies that execute remote code.