news-seo-pdf-report

Fail

Audited by Snyk on Apr 2, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.85). This is a GitHub repository from an individual/unknown account that is used as a target for npx to fetch and run code — not a direct trusted vendor or package registry — so installing/running from it can execute arbitrary scripts and is potentially malicious unless the repo is audited and well-known.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's Sub-skills and Initial Context explicitly require auditing a user-provided target URL (context.target-url) via the google-news-seo sub-skill, which implies fetching and interpreting open/public website content as part of the workflow, exposing the agent to untrusted third-party content from arbitrary URLs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill requires installing remote sub-skills at runtime via commands like "npx skills add https://github.com/wghust/stark-skills --skill google-news-seo" and "... --skill insight-pdf", which fetch repository content (SKILL.md and code) that the agent will read and execute as instructions, so these URLs directly control prompts/instructions and are required dependencies.

Issues (3)

E005 (CRITICAL): Suspicious download URL detected in skill instructions.

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 2, 2026, 05:57 AM
Issues: 3