composiohq-awesome-claude-skills-seo-content-marketing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to fetch and analyze arbitrary public websites and SERP results (e.g., /content-audit https://example.com, /technical-seo https://example.com, the shell scripts that curl the target domain and Google search results), so untrusted third‑party page content is read and used to drive decisions and follow-up actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's installation explicitly instructs fetching and installing the external repository (git clone https://github.com/ColonyShopkeeper/r08-composiohq-awesome-claude-skills-seo.git and the corresponding main.zip), which is a required external dependency whose files are loaded as the skill runtime definitions that control agent commands and prompts.