zeabur-deployment-logs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md workflow explicitly instructs running npx zeabur@latest deployment log to fetch runtime/build logs from Zeabur, which are untrusted/user-generated logs the agent is expected to read and that can materially influence follow-up actions (e.g., restarting services), so they could carry indirect prompt-injection content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill mandates running "npx zeabur@latest" at runtime, which fetches and executes remote code from the npm registry (i.e., an external package fetch), so the skill relies on and executes remote code fetched at runtime.