zeabur-server-list

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SSH workflow explicitly ingests remote server output (including the server's MOTD) — see "The output includes the server's MOTD (Message of the Day) banner. Filter it out when parsing results" in SKILL.md — which means untrusted, administrator-controlled content from third-party servers is read and can influence parsing/actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill repeatedly requires running "npx zeabur@latest", which at runtime fetches and executes remote code from the npm registry (e.g. https://registry.npmjs.org/zeabur or https://www.npmjs.com/package/zeabur), so external content is executed and relied on as a required dependency.