skills-skills
Warn
Audited by Snyk on Feb 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This meta-skill explicitly requires running the vendored "Skill Seekers" scraper (see SKILL.md workflow step 0 and references/skill-seekers.md). It includes scraper configs and scripts (scripts/Skill_Seekers-development/, e.g. configs/*.json and skill-seekers.sh) that fetch and ingest open documentation sites, GitHub repos, and PDFs. This is untrusted third-party content that is parsed into Skills and can materially change agent behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The vendored Skill Seekers tool is run at runtime with configs that fetch external docs, which are parsed and converted into SKILL.md (agent instructions). For example, the hono config references an external llms.txt that will be downloaded and injected (https://hono.dev/llms-full.txt), so fetched content can directly control prompts.