credit-rating-analyst

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Platform Support (§5 in SKILL.md / references/5-platform-support.md) explicitly instructs agents to "Read [URL] and apply/activate" pointing to https://awesome-skills.dev/skills/finance/credit-rating-analyst.md, which directs the agent to fetch and act on external web content that could be untrusted and thus influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Platform Support section instructs certain platforms to "Read [URL] and apply/activate" the skill, meaning the agent would fetch and apply remote system-prompt content from https://awesome-skills.dev/skills/finance/credit-rating-analyst.md at runtime, which directly controls prompts—so this external URL is a runtime dependency that can modify agent instructions.