github-dns-helper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly downloads and parses untrusted public hosts files (DEFAULT_HOSTS_URLS in scripts/fix_github_dns.py and the -u "custom hosts" option documented in SKILL.md) via curl in fetch_hosts and then applies those entries to the system hosts file, allowing third-party content to materially change network behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). Flagged because the skill explicitly instructs changing ownership and permissions of /etc/hosts using sudo (privileged modifications to a system file), which can alter the machine's state and bypass security controls.