install-skills-for-personal-work

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly directs installing packages from public repositories (e.g., "npx skills add /" and the personal skill list entries like obra/superpowers, vercel-labs/agent-skills), which fetches and ingests untrusted, user-generated third-party code that can change agent behavior at runtime.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs running npx to fetch and install external skill packages (which will execute remote code and supply agent behavior), e.g. the repository installs shown like "npx skills add obra/superpowers", "npx skills add vercel-labs/agent-skills", "npx skills add anthropics/skills", and "npx skills add supabase/agent-skills" are runtime fetches of external code that can directly control agent prompts/behavior.