r13-danielrosehill-claude-slash-commands-seo
Warn
Audited by Snyk on May 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and analyzes arbitrary public websites and SERP/top-ranking pages (e.g., /technical-seo https://example.com, /content-brief --url https://example.com/old-post, /keyword-research --analyze-top 10), ingesting untrusted third-party web content that directly influences analyses and automated workflow actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly uses a runtime Claude command to fetch raw GitHub content—"/read https://raw.githubusercontent.com/Dimensionparail/r13-danielrosehill-claude-slash-commands-seo/main/SKILL.md"—which would load external instructions that directly control the agent's prompts, so this is a high-risk runtime dependency.
Issues (2)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).