neta-creative

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires calling read_collection (see SKILL.md and references/collection-remix.md) to fetch user-created works (including launch_prompt/core_input, reference_planning and ref_image URLs) and then uses that returned, user-generated content to drive generation commands, so untrusted third‑party content can materially influence subsequent tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill consistently invokes the remote CLI package via "npx -y @talesofai/neta-skills@latest", which fetches and executes remote npm package code at runtime and is required for the skill's commands, so this external dependency can execute code during runtime.