se-dev-mod

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and indexes user-generated mods from the Steam Workshop and local mod folders (see list_mods.py / index_mods.py using SteamMods/ and LocalMods/) and also fetches third-party installers (busybox.exe from frippery.org and an uv install script from astral.sh in Prepare.bat), so it ingests untrusted public content that the agent parses and which can materially influence searches and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). Prepare.bat, which the skill requires during its one-time prepare action, fetches and executes remote code at runtime (powershell "irm https://astral.sh/uv/install.ps1 | iex" to install uv) and downloads an executable used at runtime (https://frippery.org/files/busybox/busybox64u.exe), so these URLs supply and execute required external code.