brand-design-md

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's helper (scripts/getdesign-helper.mjs) explicitly runs live commands like "npx getdesign@latest list" and "npx getdesign@latest add --out " to fetch public DESIGN.md files from getdesign.md, and the SKILL.md requires reading those fetched DESIGN.md tokens to drive UI/code generation, so untrusted third‑party content can directly influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The helper explicitly runs external runtime commands (e.g., "npx getdesign@latest list" / "npx getdesign@latest add ") and fetches DESIGN.md content from the external getdesign service (referenced as https://getdesign.md), and that fetched content is read at runtime and directly drives the model's prompts/tokens and is required for the skill to function.