ui-ux-pro-max

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (Step 2 "Search Relevant Domains" and the Example Workflow) explicitly runs ../../.shared/ui-ux-pro-max/scripts/search.py to fetch and synthesize search results from open/public domains (product, style, typography, color, landing, ux, etc.), meaning the agent ingests untrusted third-party web content that can influence its actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs installing system packages and explicitly uses a "sudo apt install" command as a prerequisite, which directs the agent to obtain elevated privileges and modify system state.