rustyseo-toolkit

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These URLs include GitHub releases and a personal website distributing platform installers (.msi, .dmg, .AppImage/.deb) from an individual account and even instruct bypassing "Unknown Developer" warnings — direct executables from unverified/personal sources are higher-risk and should be verified (repo activity, signatures/checksums, virus-scan) before running.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s runtime “AI Chatbot with Crawl Context” path (ai_chat invoked with context: JSON.stringify(currentPageData)) can include outsider-authored free text because currentPageData is derived from crawling arbitrary URLs/pages (public web content) and that page body/text is fed into the LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The installation instructions explicitly perform git clone and then run the fetched code (git clone https://github.com/mascanho/RustySEO.git and git clone https://github.com/mascanho/RustySEO-Headless.git, and downloading installers from https://github.com/mascanho/RustySEO/releases), which is high-confidence evidence that external URLs are used to fetch and execute remote code required to run the skill.