vibesku

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's version-check/update workflow (SKILL.md referencing references/versioning.md) explicitly instructs the agent to read the upstream VERSION from the public URL https://raw.githubusercontent.com/UllrAI/vibesku-agent/main/skill/VERSION and act (update/alter execution) based on that content, which is public third‑party data that can influence tool use and next actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill includes explicit credit-management and purchase commands (e.g., "vibesku credits [show|buy|redeem ]" and "manage credits (check balance, purchase, redeem)"). Those are direct, purpose-built operations to execute payments/purchases (moving money/charging for credits), not merely generic tooling. Therefore it provides direct financial execution capability.