ascend-transformer-boost

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The atb-aclnn-operator-replacement-designer SKILL.md (and related workflow) explicitly requires the agent to WebFetch and parse user-provided ATB/ACLNN interface document URLs to generate parameter mappings and drive subsequent phases (with WebFetch failures blocking progress), so arbitrary third‑party pages could be ingested and materially influence the agent's decisions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill set performs runtime fetch-and-execute operations (build scripts and installer steps) that clone/pull external code/images — for example the build replaces GitHub sources and may git clone https://gitcode.com/nlohmann/json.git (and also pulls images like quay.io/ascend/cann:...) which will fetch remote code that is compiled/executed as a required dependency.