amd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's installation instructions (§11 "How to Use This Skill") explicitly tell the agent to read a public GitHub raw URL (https://raw.githubusercontent.com/lucaswhch/awesome-skills/main/skills/enterprise/amd/SKILL.md), meaning the agent would fetch and apply untrusted, user-hosted third‑party content that can directly change its behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The installation instructions tell the agent/user to "Read https://raw.githubusercontent.com/lucaswhch/awesome-skills/main/skills/enterprise/amd/SKILL.md" (and similarly the amd-engineer SKILL.md raw URL), which at runtime would fetch remote SKILL.md content that directly supplies system prompts/instructions controlling the agent.