awesome-codex-skills-curator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill installs and loads SKILL.md files from public GitHub repositories using skill-installer/scripts/install-skill-from-github.py (and examples show installing external repos like hyhmrright/brooks-lint), and those SKILL.md instruction files are intended to be read and acted on by Codex, so arbitrary third-party repo content can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The installer examples explicitly git-clone and run a Python install script against GitHub repositories (e.g. https://github.com/ComposioHQ/awesome-codex-skills and other external repos), which fetches SKILL.md instruction bundles at install/runtime that directly control the agent's prompts/behavior.