goodissues

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to ask for API keys and to include them verbatim in commands (e.g., goodissues configure --api-key <key> and pass-through of --api-key flags), which requires the LLM to handle and output secrets directly.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). The presence of direct raw GitHub links to install.sh and install.ps1 combined with instructions to pipe them straight into sh/PowerShell is a risky distribution pattern (it executes remote code without review), even though the domain goodissues.dev and localhost look legitimate—so treat the installer scripts as potentially unsafe unless you verify the repository and inspect the scripts first.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows call the goodissues CLI commands (e.g., "goodissues projects list", "goodissues issues list/get") which query the public goodissues.dev API and return user-generated project/issue data that the agent is expected to read/parse to choose IDs and next actions (and the install step also instructs fetching a script from raw.githubusercontent.com), so untrusted third-party content can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The install workflow includes commands that fetch and execute remote scripts at runtime (curl -fsSL https://raw.githubusercontent.com/agoodway/goodissues_cli/main/install.sh | sh and irm https://raw.githubusercontent.com/agoodway/goodissues_cli/main/install.ps1 | iex), so the skill relies on external content that would execute remote code.