odoo-18

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The AGENTS.md file explicitly instructs agents (e.g., Cursor/Claude) to add a remote Git repository (git@github.com:unclecatvn/agent-skills.git) so the agent will fetch and load public, user-authored repository content as part of its workflow, which could materially influence decisions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill instructs agents to fetch the Git repository at git@github.com:unclecatvn/agent-skills.git (via Cursor "Add Remote Rule" and npx skills add), which is a runtime dependency whose fetched markdown content would be loaded into the agent as skill prompts/instructions—so this external URL directly controls agent behavior at runtime.