init-nextjs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs running npx create-next-app@latest which fetches a public template and later explicitly tells the agent to read and modify <name>/eslint.config.mjs (a file produced by that third-party template), so the agent will ingest and act on untrusted, user-supplied code/content from the public npm/GitHub ecosystem.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill invokes npx/npm commands (e.g., "npx create-next-app@latest", "npx husky init", and npm installs) which fetch and execute packages from the npm registry (e.g., https://registry.npmjs.org/) at runtime, so external code is executed and the skill relies on those external packages.